SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Create a Central Store
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
IIS Chared Configuration
Implement Windows System Resource Manager (WSRM) and configure user policies
2. to increase the reliability of the print server - configure...
Incoming external trust
Service user account for AD LDS
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Printer driver isolation
3. to protect file servers and hard disks that may be at risk of being accessed or stolen
Use CISCO IP Helper command to configure.
Implement Windows BitLocker Drive Encryption (BitLocker)
Run net stop ntds
Run the Delegation of Control Wizard on the Staff OU
4. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Enable Windows Remote Management (WinRM) on each server.
Deploy a GPO for the Sales OU
FILES option within Ntdsutil
From Server1 - run the Create Basic Task Wizard
5. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Perform an authoritative restore
Configure caching on the shared folder and configure offline files to use encryption
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
6. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Perform an authoritative restore
Basic Authentication and SSL
7. Need to ensure users receive updated template within five days...
Jill came down with 2.50.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Registry on users computer needs to be modified
Increase the tombstone lifetime for the forest.
8. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Microsoft Desktop Optimization Pack (MDOP)
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Increase the tombstone lifetime for the forest.
9. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Attach VHD file created by Windows server backup
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Active Directory snapshots and Tombstone reanimation
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
10. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Active Directory Right Management Services (AD RMS)
Winrm quickconfig
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
11. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Include a server that runs Microsoft Office SharePoint Server 2010
Modify the GPO to include folder redirection
Implement one LUN for the quorum and another LUN for the data
12. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Microsoft System Center Data Protection Manager 2010
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
DFL needs to be Windows Server 2008
Implement a Remote Desktop Connection Broker (RD Connection Broker)
13. To make deploying the custom Word dictionary easy
Ntfrsutil
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Configure authorization rules for Web developers on each web server
Recommend Group Policy preferences
14. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
New ACCOUNT STORE should be added and configured
Modify zone transfer settings for company.com zone on DCA
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Offline domain join
15. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Modify zone transfer settings for company.com zone on DCA
Recommend Group Policy preferences
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
802.1.x NAP
16. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Administrative Role Separation
Active Directory snapshots and Tombstone reanimation
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Configure the zone as an Activde Directory-Integrated zone.
17. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Install the RSAT tool on their workstation to provide for more efficient network management
Then use Windows BitLocker Drive Encryption
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Deploy a GPO to the WebSrvOU
18. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Create a Central Store
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
The Group Policy Management console
Restore-ADObject cmdlet
19. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Implement the Windows Search Service.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Implement Shadow Copies
20. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
Set-ADServiceAccount cmdlet
Registry on users computer needs to be modified
Distributed File System (DFS) Replication
21. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Use CISCO IP Helper command to configure.
Implement Windows System Resource Manager (WSRM)
22. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Deploy a GPO for the Sales OU
Modify zone transfer settings for company.com zone on DCA
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Create a MEDV workspace
23. What GPO setting should be configured to prevent all users from running an application?
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Software Restriction Polices
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
DSMOD
24. To enable the AD Recycle Bin
Role Separation
Enable - ADoptionalFeature cmdlet
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
25. You need to ensure that the guest account on all servers is disabled to
Implement Shadow Copies
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Modify the schema of LDSInst1
Windows BitLocker Drive Encryption (Bit Locker)
26. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Implement GPO for all client computers
dnscmd
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
27. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Repadmin
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Install and share a printer on a server and then enable printer pooling.
28. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows Deployment Services (WDS)
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Create an e-mail account in AD DS for your RMS users.
29. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Disable Site Link Bridging from the IP properties
Data Recovery Agent
Domain based DFS namespace and configure a DFS replication group
30. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Software Restriction Polices
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Modify properties of RODC server computer account.
Add the Windows Server Backup feature and Windows System Image recovery.
31. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
32. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Implement a domain-based DFS namespace that uses replication
Microsoft Desktop Optimization Pack (MDOP)
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Microsoft Application Virtualization (AppV)
33. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Data Recovery Agent
Implement folder redirection by using GPO. Then backup the folder redirection target.
DISABLE slow link detection in the GPO
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
34. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Use the Local Roles options with dsmgmt.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
35. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then install new Server 2008 R2 Enterprise subordinate CA.
Autonomous mode...This allows the local administrator to approve their own updates.
Windows Server 2003
36. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Windows BitLocker Drive Encryption (Bit Locker)
Printer driver isolation
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Implement Windows BitLocker Drive Encryption (BitLocker)
37. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Windows Deployment Services (WDS)
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Configure authorization rules for Web developers on each web server
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
38. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Add George to the Domain Admins group.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Utilize IFM (Install From Media)
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
39. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Use a GPO to configure device installation restrictions
Then install new Server 2008 R2 Enterprise subordinate CA.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
40. Ensure password length for a group set to 12 characters long while others keep password policy
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
New ACCOUNT STORE should be added and configured
Add-ADFineGrainedPasswordPolicySubject cmdlet
View properties of %systemroot%ntdsntds.dit
41. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
43. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Configure event log subscriptions
From Server A - run Create Basic Task Wizard
Configure authorization rules for Web developers on each web server
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
44. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Include a server that runs Microsoft Office SharePoint Server 2010
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Create an e-mail account in AD DS for your RMS users
Dfsrdiag
45. FFL is...
Win2000
Microsoft Application Virtualization (AppV)
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
ntdsutil
46. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
Use Netsh tool from administrator's computer.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Implement Distributed File System Replication (DFSR) on both servers
47. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Active Directory Right Management Services (AD RMS)
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
48. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
CAPublishGP group should have the Manage CA permission.
Run net stop ntds
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
WSUS server in the branch office in replica mode.
49. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
DSMOD
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Incoming external trust
Ntdsutil
50. To update ADRMS password...
Winrm quickconfig
Multipath I/O feature
AD Rights Management Services
Configure Audit Special Logon and define Special Groups
