SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Deploy a failover cluster that uses Node and File Share Disk Majority
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Configure Firewall Group Policies and link them at the Domain level
Implement a domain-based DFS namespace that uses replication
2. To prevent account password from being cached on RODC server...
Modify properties of RODC server computer account.
The Group Policy Management Console
Deploy Microsoft System Center Operations Manager (SCOM)
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
3. If you need to allow an external partner's computer to access internal network resources by using SSTP
Implement Shadow Copies
Implement a domain-based DFS namespace that uses replication
Create a new Password Settings Object (PSO) for the IT users.
Deploy the Root CA certificate to the external computers.
4. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Dsmgmt
File Server Resource Manager (FSRM) quotas and file screens
Back up to an external USB drive by using Windows Server Backup
6. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Create a Central Store
Implement Distributed File System Replication (DFSR) on both servers
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
7. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Install the RSAT tool on their workstation to provide for more efficient network management
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Then use on install image file that contains a single install image.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
8. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Modify properties of RODC server computer account.
Set-ADServiceAccount cmdlet
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
9. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
CAPublishGP group should have the Manage CA permission.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Create and deploy a logon script that runs Auditpol.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
10. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Implement Distributed File System Replication (DFSR) on both servers
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Active Directory Right Management Services (AD RMS)
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
11. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
AD RMS
Use Netsh tool from administrator's computer.
12. New password settings object (PSO) created and needs to be applied to user
Properties of PSO need modified
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Incoming external trust
Upgrading DFS to Windows Server 2008 R2
13. Jack and Jill go up the hill - both with a buck and a quarter
New ACCOUNT STORE should be added and configured
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Winrm quickconfig
Jill came down with 2.50.
14. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Then use Windows BitLocker Drive Encryption
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
File Server Resource Manager (FSRM) quotas and file screens
15. You need to relocate an AD LDS instance from C: Drive to D: Drive
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Autonomous mode...This allows the local administrator to approve their own updates.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
16. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
ntdsutil
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
17. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
MEDV to deploy virtual desktops
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Create an Active Directory-Integrated zone.
18. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Windows Server 2003
Microsoft Desktop Optimization Pack (MDOP) to your company
Refresh the zone on DNS2
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
19. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Configure authorization rules for Web developers on each web server
Recommend GPT and basic disks
Use Netsh tool from administrator's computer.
Windows Server 2003
20. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
Network Load Balancing (NLB) cluster
Recommend GPT and basic disks
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
21. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Recommend Offline Files
Domain based DFS namespace and configure a DFS replication group
Windows System Resource Manager (WSRM)
22. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Network Load Balancing (NLB) cluster
ntdsutil
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
23. You need to deploy a sales application that only the sales users must have access to
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Deploy a GPO for the Sales OU
Service user account for AD LDS
Disable Site Link Bridging from IP Properties
24. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Install and share a printer on a server and then enable printer pooling.
Winrm quickconfig
Dynamically expanding VHD's
25. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Microsoft SharePoint Foundation 2010
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Include a server that runs Microsoft Office SharePoint Server 2010
26. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Assign the application to computers in the PC OU
Run adprep /forestprep and adprep /domainprep
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
DSMOD
27. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
DISABLE slow link detection in the GPO
Use local roles options within "dsmgmt"
Modify the local policy to point to the Internal WSUS server
Install Hyper-V role and convert physical machines into virtual machines
28. To allow a specifc user or group to manage the address information for the user accounts...
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Microsoft System Center Data Protection Manager 2010
Prestage the computer account in AD
Recommend Active Directory delegation
29. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Implement a GPO for each domain
Configure block inheritance on the IT OU
30. If you need to delegate control of server to remote admins group
Configure RODC for Administrator Role Separation
Certificate Templates
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Create a new Password Settings Object (PSO) for the IT users.
31. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Repadmin
Windows Deployment Services (WDS)
Configure Audit Special Logon and define Special Groups
Microsoft Desktop Optimization Pack (MDOP) to your company
32. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Storage manager for SANs
Recommend Active Directory delegation
33. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Add George to the Domain Admins group.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Basic Authentication and SSL
34. 2 ways to relocate user and computer accounts to different OUs
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Run net stop ntds
DSMOD - ADUC
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
35. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
An Active Directory subnet object needs to be created.
Ntdsutil
Domain based Distributed File System (DFS) namespace and DFS Replication.
36. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Purchase one additional Enterprise License
Attach VHD file created by Windows server backup
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Add the user to the Domain Admins global group
37. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Deploy a GPO to the WebSrvOU
38. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Folder redirection. Folder redirection is also useful when using roamin profiles.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
39. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Properties of PSO need modified
40. To defragment and AD database...
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
net stop ntds
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
41. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Deploy Microsoft System Center Operations Manager (SCOM)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Modify the GPO to include folder redirection
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
42. When recommending a monitoring solution for an application so that it's events can be stored in a central
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Service user account for AD LDS
Implement a domain-based DFS namespace that uses replication
Event Subscriptions
43. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Storage manager for SANs
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
MEDV to deploy virtual desktops
A relying party trust should be created.
44. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Add the new UPN Suffix to the forest
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Modify the schema of LDSInst1
45. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Active Directory Right Management Services (AD RMS)
Passive file screens
Implement File Server Resource Manager (FSRM) quotas on the desired servers
46. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
AD Rights Management Services
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Implement GPO for all client computers
47. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Install Hyper-V role and convert physical machines into virtual machines
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Create a standard secondary of domain and create standard secondary of other domain.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
48. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
DFL needs to be Windows Server 2008
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
49. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Offline domain join
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Create a standard secondary of domain and create standard secondary of other domain.
Add the Windows Server Backup feature and Windows System Image recovery.
50. What utility is used to see what accounts cached on RODC?
Then use Windows Deployment Services (WDS) on DHCP1.
Recommend Active Directory delegation
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Active Directory Users and Computers
