SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Windows XP Mode
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
IIS Manager user account
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
2. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Then use on install image file that contains a single install image.
Then use Windows Deployment Services (WDS) on DHCP1.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Winrm quickconfig
3. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Changed manually
Configure Firewall Group Policies and link them at the Domain level
Then use Windows Deployment Services (WDS) on DHCP1.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
4. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Create a Central Store
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Add the Windows Server Backup feature and Windows System Image recovery.
Implement Network Access Protection (NAP)
5. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
MEDV to deploy virtual desktops
Raise the DFL to Windows Server 2008 R2.
6. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Event Viewer
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Autonomous mode...This allows the local administrator to approve their own updates.
7. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Administrators is the minimum group membership required to complete this procedure.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
8. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
The Group Policy Management Console
Windows Server 2003
9. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
802.1.x NAP
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
10. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Microsoft System Center Data Protection Manager 2010
net stop ntds
Create a MEDV workspace
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
11. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Execute the Set-ADServiceAccount cmdlet
Disable Site Link Bridging from the IP properties
Install From Media IFM
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
12. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Enable Windows Remote Management (WinRM) on the servers.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Test-AppLockerPolicy
Printer driver isolation
13. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
WDS
Domain based Distributed File System (DFS) will reduce network traffic
Ntfrsutil
Back up to an external USB drive by using Windows Server Backup
14. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Configure Firewall Group Policies and link them at the Domain level
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Then use Windows Deployment Services (WDS) on DHCP1.
From Server A - run Create Basic Task Wizard
15. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Modify properties of RODC server computer account.
Configure authorization rules for Web developers on each web server
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Dsmgmt
16. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Then use on install image file that contains a single install image.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Configure Firewall Group Policies and link them at the Domain level
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
17. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
18. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Add George to the Domain Admins group.
Share and Storage Management
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
19. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Software Restriction Polices
Modify the local policy to point to the Internal WSUS server
Dynamically expanding VHD's
Deploy a failover cluster that contains one node in each office.
20. The strongest form of NAP is
Subnet object needs to be created
Storage manager for SANs
Deploy a GPO to the WebSrvOU
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
21. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create a Central Store
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Modify the schema of LDSInst1
22. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
DFL needs to be Windows Server 2008
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Disable Site Link Bridging from the IP properties
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
23. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
PDC emulator with w32tm.exe
Microsoft Desktop Optimization Pack (MDOP)
Active Directory Right Management Services (AD RMS)
Dsmgmt
24. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Network Load Balancing (NLB) cluster
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Group Policy Preferences
Deploy Microsoft System Center Operations Manager (SCOM)
25. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
FILES option within Ntdsutil
AD RMS
Assign the application to all client computers by using a GPO.
dnscmd tool
26. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Winrm quickconfig
Zone transfer settings
Perform an authoritative restore
27. What should be done so application does not fail after 30 days while still keeping password policy in mind?
fsconfig on FSSrv2
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Set-ADServiceAccount cmdlet
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
28. You need to deploy a sales application that only the sales users must have access to
Deploy a GPO for the Sales OU
FFL Windows Server 2008 R2
Event Viewer
Configure block inheritance on the IT OU
29. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Disable Site Link Bridging from the IP properties
Add George to the Domain Admins group.
30. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
31. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
DISABLE slow link detection in the GPO
A relying party trust should be created.
Raise the DFL to Windows Server 2008 R2.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
32. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Microsoft SharePoint Foundation 2010
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Add the Windows Server Backup feature and Windows System Image recovery.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
33. To enable the AD Recycle Bin
Enable - ADoptionalFeature cmdlet
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Modify the schema of LDSInst1
Group Policy Preferences
34. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Assign the application to computers in the PC OU
Software Restriction Polices
Microsoft SharePoint Foundation 2010
Restore-ADObject cmdlet
35. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Improve the performance of File Servers
Dsmgmt
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Implement a domain-based DFS namespace that uses replication
36. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Enable Windows Remote Management (WinRM) on the servers.
Then install new Server 2008 R2 Enterprise subordinate CA.
37. To identify users who bypass the new corporate security policy -
Create an e-mail account in AD DS for your RMS users
Implement Windows System Resource Manager (WSRM)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure Audit Special Logon and define Special Groups
38. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
File Server Resource Manager (FSRM) quotas and file screens
Software Restriction Polices
From Server A - run Create Basic Task Wizard
Offline domain join
39. To create and additional AD LDS applicaiton directory partition in existing instance...
Authorization Manager
Zone transfer settings
Ldp
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
40. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Network Load Balancing (NLB) cluster
dnscmd tool
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Event Viewer
41. To backup GPO's in domain and minimize bakcup...
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
The Group Policy Management Console
Authorization Manager
NOT be able to store that data on an iSCSI SAN
42. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Passive file screens
Windows BitLocker Drive Encryption (Bit Locker)
Event Log Subscriptions
WSUS server in the branch office in replica mode.
43. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Increase the tombstone lifetime for the forest.
dsa.msc - dsamain.exe - ntdsutil.exe
Configure caching on the shared folder (offline files)
From Server A - run Create Basic Task Wizard
44. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Recommend Group Policy preferences
Run net stop ntds
Test-AppLockerPolicy
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
45. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
46. 4 steps to perform authoritative restore of a deleted OU...
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
47. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Printer driver isolation
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Disable Site Link Bridging from IP Properties
48. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Configure event log subscriptions
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Dsmgmt
49. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Storage manager for SANs
Back up to an external USB drive by using Windows Server Backup
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
50. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Enable - ADoptionalFeature cmdlet
Implement GPO for all client computers
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests