SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Windows BitLocker Drive Encryption (Bit Locker)
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
2. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Then configure GlobalNames zones on each domain controller.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Upgrading DFS to Windows Server 2008 R2
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
3. You need to deploy a sales application that only the sales users must have access to
Deploy a GPO for the Sales OU
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
4. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Dynamically expanding VHD's
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Windows System Resource Manager (WSRM)
5. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Network Load Balancing (NLB) cluster
Implement one LUN for the quorum and another LUN for the data
From Server1 - run the Create Basic Task Wizard
Folder redirection. Folder redirection is also useful when using roamin profiles.
6. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Win2000 Native
IIS Manager user account
Configure the zone as an Activde Directory-Integrated zone.
7. What shold be done to configure AD RMS so users can protect their data?
Authorization Manager role assignment
Use the Local Roles options with dsmgmt.
Import-Module
Create an e-mail account in AD DS for your RMS users
8. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
AD Domains and Trusts
Offline domain join
Service user account for AD LDS
Administrative Role Separation
9. What should be done to resolve names by using GlobalNames zone?
dnscmd tool
Implement GPO for all client computers
A Distributed File System (DFS) namespace
Windows XP Mode
10. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
802.1.x NAP
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Distributed File System (DFS) Replication
11. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Deploy a failover cluster that uses Node and File Share Disk Majority
Then install new Server 2008 R2 Enterprise subordinate CA.
Event Subscriptions
12. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Modify zone transfer settings for company.com zone on DCA
Install Windows Server Backup and modify the Windows firewall settings
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
13. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
IIS Manager user account
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
14. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Implement a GPO for each domain
Configure block inheritance on the IT OU
Active Directory Users and Computers
Execute the Set-ADServiceAccount cmdlet
15. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Utilize IFM (Install From Media)
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Back up to an external USB drive by using Windows Server Backup
16. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
dnscmd
Software Restriction Polices
Configure folder redirection
17. 4 steps to perform authoritative restore of a deleted OU...
Active Directory Right Management Services (AD RMS)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Configure offline files and enable manual caching
18. What should be done first to defragment the AD database?
Implement a domain-based DFS namespace that uses replication
Perform an authoritative restore
Include a server that runs Microsoft Office SharePoint Server 2010
Run net stop ntds
19. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Properties of PSO need modified
Then configure GlobalNames zones on each domain controller.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
20. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
21. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Configure authorization rules for Web developers on each web server
Multipath I/O feature
A relying party trust should be created.
22. In order to ensure highly available Windows Update servers you should create this.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Windows System Resource Manager (WSRM)
Install and share a printer on a server and then enable printer pooling.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
23. To backup to tape/robotic tape and to backup VMs you must use...
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Prestage the computer account in AD
Microsoft System Center Data Protection Manager 2010
Microsoft Application Virtualization (AppV)
24. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Add George to the Domain Admins group.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Administrative Role Separation
25. Tool to change Directory Services Restore Mode password on Domain Controller...
Install Windows Server Backup and modify the Windows firewall settings
Windows XP Mode
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
ntdsutil
26. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Configure separate application pools for each application
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Enable Credential Roaming
27. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Add the user to the Domain Admins global group
Implement Windows System Resource Manager (WSRM) and configure user policies
Implement Distributed File System Replication (DFSR) on both servers
Microsoft Desktop Optimization Pack (MDOP)
28. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Winrm quickconfig
Enable Windows Remote Management (WinRM) on each server.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Enable - ADoptionalFeature cmdlet
29. To be able to user an application from one AD FS with authentication server to another...
Dynamically expanding VHD's
Modify properties of RODC server computer account.
A relying party trust should be created.
Attach VHD file created by Windows server backup
30. You need to relocate an AD LDS instance from C: Drive to D: Drive
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Enable Windows Remote Management (WinRM) on the servers.
Implement Windows System Resource Manager (WSRM)
File Server Resource Manager (FSRM) quotas and file screens
31. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Share and Storage Management
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Repadmin
32. If you need to encrypt all data on all disks
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
fsconfig on FSSrv2
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Then use Windows BitLocker Drive Encryption
33. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Then use Windows BitLocker Drive Encryption
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
34. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Configure offline files and enable manual caching
The Group Policy Management Console
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Install From Media IFM
35. What GPO setting should be configured to prevent all users from running an application?
Implement a domain-based DFS namespace that uses replication
Software Restriction Polices
Run net stop ntds
FILES option within Ntdsutil
36. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Implement folder redirection by using GPO. Then backup the folder redirection target.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
37. If you need to delegate control of server to remote admins group
Storage manager for SANs
Configure RODC for Administrator Role Separation
Passive file screens
Distributed File System (DFS) Replication
38. When deploying an application using the Group Policy distribution method assign the...
Repadmin
Additional DFS Targets
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Domain based Distributed File System (DFS) namespace and DFS Replication.
39. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
PDC emulator with w32tm.exe
Changed manually
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
40. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Configure Firewall Group Policies and link them at the Domain level
Deploy a GPO for the Sales OU
Then install new Server 2008 R2 Enterprise subordinate CA.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
41. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Then configure auto enrollment of certificates and Credential Roaming.
Configure offline files and enable manual caching
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Domain based Distributed File System (DFS) will reduce network traffic
42. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
IIS Manager user account
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Install the RSAT tool on their workstation to provide for more efficient network management
43. For the users that work remotely that need access to files from the corporate office you should...
New ACCOUNT STORE should be added and configured
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Recommend Offline Files
Dynamically expanding VHD's
44. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Additional DFS Targets
Implement Network Access Protection (NAP)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Event Log Subscriptions
45. To allow a specifc user or group to manage the address information for the user accounts...
Execute the Set-ADServiceAccount cmdlet
Then use on install image file that contains a single install image.
Recommend Active Directory delegation
Create an e-mail account in AD DS for your RMS users.
46. Enables you to receive emails when domain users locked out of accounts...
Event Viewer
DSMOD - ADUC
Install Hyper-V role and convert physical machines into virtual machines
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
47. To deploy templates across the organization
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
DISABLE slow link detection in the GPO
Implement a GPO for each domain
Disable Site Link Bridging from the IP properties
48. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Raise the DFL to Windows Server 2008 R2.
Add the Windows Server Backup feature and Windows System Image recovery.
Event Subscriptions
49. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Administrative Role Separation
Execute the Set-ADServiceAccount cmdlet
Network Load Balancing (NLB) cluster
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
50. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Basic Authentication and SSL
Administrators is the minimum group membership required to complete this procedure.
Windows System Resource Manager (WSRM)
