SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Striped volumes
Test-AppLockerPolicy
Raise the DFL to Windows Server 2008 R2.
Improve the performance of File Servers
IIS Manager user account
2. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Service user account for AD LDS
New ACCOUNT STORE should be added and configured
Autonomous mode...This allows the local administrator to approve their own updates.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
3. To defragment and AD database...
net stop ntds
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
An Active Directory subnet object needs to be created.
Then use Windows BitLocker Drive Encryption
4. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Offline domain join
Implement a domain-based DFS namespace that uses replication
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
5. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Create a standard secondary of domain and create standard secondary of other domain.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
6. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Add the new UPN suffix to the forest.
Deploy the Root CA certificate to the external computers.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Assign the application to all client computers by using a GPO.
7. To configure Administrator Role Separation for an RODC
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Configure event log subscriptions
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
8. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Deploy the Root CA certificate to the external computers.
CAPublishGP group should have the Manage CA permission.
Then configure auto enrollment of certificates and Credential Roaming.
9. 2 ways to relocate user and computer accounts to different OUs
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
DSMOD - ADUC
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
10. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
11. What should be done first to defragment the AD database?
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Add-ADFineGrainedPasswordPolicySubject cmdlet
Run net stop ntds
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
12. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Dsmgmt
13. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Changed manually
File Server Resource Manager (FSRM) quotas and file screens
Configure folder redirection
14. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Then configure auto enrollment of certificates and Credential Roaming.
Create an Active Directory-Integrated zone.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
15. To build a highly secure server cluster with a reduced attack surface area
Deploy a failover cluster that contains one node in each office.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
16. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
A Distributed File System (DFS) namespace
AD Domains and Trusts
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
17. The strongest form of NAP is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Active Directory Users and Computers utility
Implement Shadow Copies
Microsoft SharePoint Foundation 2010
18. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Include a server that runs Microsoft Office SharePoint Server 2010
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
File Server Resource Manager (FSRM) quotas and file screens
19. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Implement Shadow Copies
FFL Windows Server 2008 R2
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
20. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Win2000 Native
IIS Chared Configuration
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Autonomous mode...This allows the local administrator to approve their own updates.
21. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
dnscmd tool
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Then use Windows Deployment Services (WDS)
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
22. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Then use Windows BitLocker Drive Encryption
Dsmgmt
Event Viewer
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
23. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Ntdsutil
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
fsconfig on FSSrv2
24. If users complain that it is hard to find the shared folders on the network implement
Use CISCO IP Helper command to configure.
PDC emulator with w32tm.exe
Additional DFS Targets
Recommend GPT and basic disks
25. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Create a standard secondary of domain and create standard secondary of other domain.
Ntfrsutil
Implement a Remote Desktop Connection Broker (RD Connection Broker)
26. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Deploy a failover cluster that uses Node and File Share Disk Majority
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Backup operator's domain local group
Folder redirection. Folder redirection is also useful when using roamin profiles.
27. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Enable - ADoptionalFeature cmdlet
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Perform an authoritative restore
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
28. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Set-ADServiceAccount cmdlet
Enable Windows Remote Management (WinRM) on the servers.
Deploy Microsoft System Center Operations Manager (SCOM)
A Distributed File System (DFS) namespace
29. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
net stop ntds
Subnet object needs to be created
Run net stop ntds
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
30. When deploying an application using the Group Policy distribution method assign the...
Data Recovery Agent
Properties of PSO need modified
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
31. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Enable Windows Remote Management (WinRM) on each server.
32. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Modify the GPO to include folder redirection
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
33. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Purchase one additional Enterprise License
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Multipath I/O feature
dnscmd tool
34. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Active Directory Users and Computers utility
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
35. If you need to delegate control of server to remote admins group
ntdsutil
Configure RODC for Administrator Role Separation
Deploy a failover cluster that contains one node in each office.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
36. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Install Windows Server Backup and modify the Windows firewall settings
Event Log Subscriptions
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
37. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Add George to the Domain Admins group.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Winrm quickconfig
38. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Subnet object needs to be created
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Set-ADServiceAccount cmdlet
39. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Network Load Balancing (NLB) cluster
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Microsoft Application Virtualization (AppV)
The Group Policy Management console
40. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Prestage the computer account in AD
Add-ADFineGrainedPasswordPolicySubject cmdlet
802.1.x NAP
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
41. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Test-AppLockerPolicy
FILES option within Ntdsutil
42. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Software Restriction Polices
Authorization Manager
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Offline domain join
43. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install the RSAT tool on their workstation to provide for more efficient network management
PDC emulator with w32tm.exe
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
44. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Add the user to the Domain Admins global group
Windows BitLocker Drive Encryption (Bit Locker)
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Configure caching on the shared folder and configure offline files to use encryption
45. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Use CISCO IP Helper command to configure.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
46. You need to ensure that the guest account on all servers is disabled to
Group Policy Preferences
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Software Restriction Polices
47. FFL is...
Win2000
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Raise the DFL to Windows Server 2008 R2.
Then configure auto enrollment of certificates and Credential Roaming.
48. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Create and deploy a logon script that runs Auditpol.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
ntdsutil
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
49. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
An Active Directory subnet object needs to be created.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
50. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
