SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
From Server A - run Create Basic Task Wizard
2. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Deploy a failover cluster that contains one node in each office.
Event Viewer
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Use local roles options within "dsmgmt"
3. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure caching on the shared folder (offline files)
dnscmd tool
4. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Disable Site Link Bridging from the IP properties
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Create a MEDV workspace
5. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Windows Server 2003
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
6. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Attach VHD file created by Windows server backup
Install From Media IFM
Implement a Remote Desktop Connection Broker (RD Connection Broker)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
7. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Modify the local policy to point to the Internal WSUS server
Create and deploy a logon script that runs Auditpol.
8. to make shares at a remote location available to users you should implement this.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Implement the Windows Search Service.
Domain based Distributed File System (DFS) namespace and DFS Replication.
9. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Disable Site Link Bridging from IP Properties
Zone transfer settings
10. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Windows Server 2003
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Create a standard secondary of domain and create standard secondary of other domain.
11. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Deploy a failover cluster that uses Node and File Share Disk Majority
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
12. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Implement Shadow Copies
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
13. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Add George to the Domain Admins group.
Software Restriction Polices
AD RMS
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
14. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Dynamically expanding VHD's
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
15. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Dfsrdiag
Distributed File System (DFS) Replication
Active Directory Users and Computers
16. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Configure Firewall Group Policies and link them at the Domain level
Add the Windows Server Backup feature and Windows System Image recovery.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Dsmgmt
17. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure Audit Special Logon and define Special Groups
Site
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
18. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Windows Deployment Services (WDS)
Then use on install image file that contains a single install image.
From Server1 - run the Create Basic Task Wizard
Perform an authoritative restore
19. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
20. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Install Windows Server Backup and modify the Windows firewall settings
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Refresh the zone on DNS2
Microsoft Desktop Optimization Pack (MDOP) to your company
21. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Configure caching on the shared folder and configure offline files to use encryption
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Your machine and remote desktops
22. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
DISABLE slow link detection in the GPO
DFL needs to be Windows Server 2008
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
23. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Folder redirection. Folder redirection is also useful when using roamin profiles.
File Server Resource Manager (FSRM) quotas and file screens
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
25. To create AD Domain Services snapshot
fsconfig on FSSrv2
Use a GPO to configure device installation restrictions
Ntdsutil
MEDV to deploy virtual desktops
26. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Microsoft Application Virtualization (AppV)
Purchase one additional Enterprise License
Deploy it by using Group Policy Software Installation method
27. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Configure the zone as an Activde Directory-Integrated zone.
Purchase one additional Enterprise License
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Perform an authoritative restore
28. What role to keep same time as an external server?
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Changed manually
PDC emulator with w32tm.exe
Folder redirection. Folder redirection is also useful when using roamin profiles.
29. You need to deploy a sales application that only the sales users must have access to
Deploy it by using Group Policy Software Installation method
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Deploy a GPO for the Sales OU
30. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Dsmgmt
Configure folder redirection
31. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Run net stop ntds
Utilize IFM (Install From Media)
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
32. DFL is...
Software Restriction Polices
Win2000 Native
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Active Directory snapshots and Tombstone reanimation
33. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Creating a data collector set that kick off a scritp that either move or delete files.
Changed manually
Raise the DFL to Windows Server 2008 R2.
Perform an authoritative restore
34. If subnets are connected by CISCO router that is RFC-1542 compliant
Use CISCO IP Helper command to configure.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
CAPublishGP group should have the Manage CA permission.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
35. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Install From Media IFM
Add the new UPN suffix to the forest.
Upgrading DFS to Windows Server 2008 R2
36. What utility is used to see what accounts cached on RODC?
Deploy the Root CA certificate to the external computers.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Active Directory Users and Computers
37. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
38. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Windows Server 2003
From Server A - run Create Basic Task Wizard
Assign the application to computers in the PC OU
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
39. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
dnscmd
Then configure auto enrollment of certificates and Credential Roaming.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
40. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Implement Distributed File System Replication (DFSR) on both servers
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Dsmgmt
Implement Windows System Resource Manager (WSRM) and configure user policies
41. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Configure separate application pools for each application
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
From Server A - run Create Basic Task Wizard
42. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Add George to the Domain Admins group.
43. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Configure offline files and enable manual caching
44. 2 ways to relocate user and computer accounts to different OUs
DSMOD - ADUC
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Share and Storage Management
Windows BitLocker Drive Encryption (Bit Locker)
45. To make deploying the custom Word dictionary easy
Recommend Group Policy preferences
Incoming external trust
Group Policy Preferences
Then install new Server 2008 R2 Enterprise subordinate CA.
46. To be able to manage all the corporate servers from a workstation - you must install the
Modify properties of RODC server computer account.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
An Active Directory subnet object needs to be created.
47. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Deploy it by using Group Policy Software Installation method
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Assign the application to all client computers by using a GPO.
48. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Then use Windows Deployment Services (WDS) on DHCP1.
From Server1 - run the Create Basic Task Wizard
Configure caching on the shared folder and configure offline files to use encryption
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
49. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Enable - ADoptionalFeature cmdlet
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Data Recovery Agent
50. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Active Directory snapshots and Tombstone reanimation
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
