SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Need to ensure users receive updated template within five days...
Configure an audit policy by editing the default domain policy and configure Event Forwarding
From Server1 - run the Create Basic Task Wizard
Increase the tombstone lifetime for the forest.
Registry on users computer needs to be modified
2. To allow a user to administer Active Directory
Dsmgmt
Implement GPO for all client computers
Add the user to the Domain Admins global group
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
3. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Assign the application to all client computers by using a GPO.
Implement a domain-based DFS namespace that uses replication
Improve the performance of File Servers
4. File that contains the last logon time and custom attributes values for each user in your forest.
Get-ADUser cmdlet
Deploy a GPO to the WebSrvOU
Modify properties of RODC server computer account.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
5. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Create a standard secondary of domain and create standard secondary of other domain.
Configure RODC for Administrator Role Separation
Install From Media IFM
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
6. Striped volumes
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Improve the performance of File Servers
Recommend Group Policy preferences
DISABLE slow link detection in the GPO
7. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
WDS
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Install From Media IFM
8. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Add the Windows Server Backup feature and Windows System Image recovery.
Storage manager for SANs
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Administrative Role Separation
9. to protect file servers and hard disks that may be at risk of being accessed or stolen
Implement Windows BitLocker Drive Encryption (BitLocker)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Win2000 Native
10. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Active Directory Users and Computers
Winrm quickconfig
Implement Windows BitLocker Drive Encryption (BitLocker)
11. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Import-Module
Data Recovery Agent
FFL Windows Server 2008 R2
12. When recommending a monitoring solution for an application so that it's events can be stored in a central
Event Subscriptions
PDC emulator with w32tm.exe
Event Viewer
Assign the application to all client computers by using a GPO.
13. To be able to manage all the corporate servers from a workstation - you must install the
Authorization Manager role assignment
Active Directory Right Management Services (AD RMS)
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement GPO for all client computers
14. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
CAPublishGP group should have the Manage CA permission.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
15. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
dnscmd tool
Create an Active Directory-Integrated zone.
Share and Storage Management
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
16. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Assign the application to all client computers by using a GPO.
Windows System Resource Manager (WSRM)
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
17. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Deploy a GPO to the WebSrvOU
Configure separate application pools for each application
18. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
CAPublishGP group should have the Manage CA permission.
Use the Local Roles options with dsmgmt.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
19. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Add the user to the Domain Admins global group
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
20. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Deploy it by using Group Policy Software Installation method
PDC emulator with w32tm.exe
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Creating a data collector set that kick off a scritp that either move or delete files.
21. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Ntfrsutil
From Server1 - run the Create Basic Task Wizard
Raise the DFL to Windows Server 2008 R2.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
22. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Implement Windows System Resource Manager (WSRM) and configure user policies
Create a standard secondary of domain and create standard secondary of other domain.
23. For the users that work remotely that need access to files from the corporate office you should...
Enable Credential Roaming
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
The Group Policy Management console
Recommend Offline Files
24. You need to design your WSUS infrastructure so that updates are highly available. To do so
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Then configure GlobalNames zones on each domain controller.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
25. New password settings object (PSO) created and needs to be applied to user
Upgrading DFS to Windows Server 2008 R2
Perform an authoritative restore
Properties of PSO need modified
Encrypting File System (EFS). This can be enabled locally or through a GPO.
26. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
From Server A - run Create Basic Task Wizard
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Deploy a GPO to the WebSrvOU
Back up to an external USB drive by using Windows Server Backup
27. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
IIS Manager user account
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Subnet object needs to be created
28. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Incoming external trust
Create an e-mail account in AD DS for your RMS users
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
29. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Use Netsh tool from administrator's computer.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Assign the application to all client computers by using a GPO.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
30. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Configure Firewall Group Policies and link them at the Domain level
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Purchase one additional Enterprise License
dnscmd tool
31. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Assign the application to all client computers by using a GPO.
32. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Use the Local Roles options with dsmgmt.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
33. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Distributed File System Replication (DFSR) on both servers
AD RMS
A Distributed File System (DFS) namespace
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
34. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
From Server A - run Create Basic Task Wizard
Create a Central Store
Configure caching on the shared folder (offline files)
Distributed File System (DFS) Replication
35. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Implement Distributed File System Replication (DFSR) on both servers
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
36. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
37. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Upgrading DFS to Windows Server 2008 R2
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
38. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Disable Site Link Bridging from IP Properties
39. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Offline domain join
New ACCOUNT STORE should be added and configured
Basic Authentication and SSL
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
40. 4 steps to perform authoritative restore of a deleted OU...
Add the new UPN suffix to the forest.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
41. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
IIS Manager user account
Enable - ADoptionalFeature cmdlet
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
42. If you need to encrypt all data on all disks
AD Domains and Trusts
Jill came down with 2.50.
Then use Windows BitLocker Drive Encryption
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
43. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Configure the zone as an Activde Directory-Integrated zone.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Administrators is the minimum group membership required to complete this procedure.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
44. Capture all replication errors from all your DCs to a central location...
DFL needs to be Windows Server 2008
Configure event log subscriptions
Modify properties of RODC server computer account.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
45. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then use Windows Deployment Services (WDS) on DHCP1.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
46. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
From Server A - run Create Basic Task Wizard
Windows XP Mode
47. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
dnscmd
Active Directory snapshots and Tombstone reanimation
Disable Site Link Bridging from the IP properties
Configure an audit policy by editing the default domain policy and configure Event Forwarding
48. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Microsoft System Center Data Protection Manager
Deploy a GPO for the Sales OU
DFL needs to be Windows Server 2008
Configure the zone as an Activde Directory-Integrated zone.
49. A specific application requires registry modifications to be in place before installing; you should use
Group Policy Preferences
Add-ADFineGrainedPasswordPolicySubject cmdlet
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
50. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Assign the application to computers in the PC OU
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
