Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Deploy the Root CA certificate to the external computers.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Domain based DFS namespace and configure a DFS replication group

2. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Then use Windows Deployment Services (WDS)
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Changed manually

3. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Microsoft Application Virtualization (AppV)
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Modify the GPO to include folder redirection
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.

4. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Use the Local Roles options with dsmgmt.
Repadmin
Raise the DFL to Windows Server 2008 R2.

5. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Raise the DFL to Windows Server 2008 R2.
Windows XP Mode
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

6. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
AD Domains and Trusts
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Passive file screens
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

7. Jack and Jill go up the hill - both with a buck and a quarter
Registry on users computer needs to be modified
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Jill came down with 2.50.
Implement Distributed File System Replication (DFSR) on both servers

8. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
A relying party trust should be created.
Include a server that runs Microsoft Office SharePoint Server 2010
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

9. What shold be done to configure AD RMS so users can protect their data?
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Backup operator's domain local group
Create an e-mail account in AD DS for your RMS users

10. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Assign the application to all client computers by using a GPO.
Event Viewer
Microsoft Desktop Optimization Pack (MDOP)

11. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Configure block inheritance on the IT OU
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Install and share a printer on a server and then enable printer pooling.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.

12. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
Windows XP Mode
Raise the DFL to Windows Server 2008 R2.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur

13. If a file server reaches 15% free disk space - you could free up some disk space by
Microsoft Desktop Optimization Pack (MDOP)
New ACCOUNT STORE should be added and configured
Creating a data collector set that kick off a scritp that either move or delete files.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

14. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Implement Network Access Protection (NAP)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Then use Windows BitLocker Drive Encryption

15. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Basic Authentication and SSL
File Server Resource Manager (FSRM) quotas and file screens
AD RMS
Subnet object needs to be created

16. Ensure password length for a group set to 12 characters long while others keep password policy
New ACCOUNT STORE should be added and configured
Disable Site Link Bridging from the IP properties
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Add-ADFineGrainedPasswordPolicySubject cmdlet

17. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Enable - ADoptionalFeature cmdlet
Winrm quickconfig
Create an Active Directory-Integrated zone.

18. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
DISABLE slow link detection in the GPO
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Install the RSAT tool on their workstation to provide for more efficient network management
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

19. To create AD Domain Services snapshot
Ensure your account - or the group is a member of the local Administrators group for that specific server.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Ntdsutil
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library

20. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Dsmgmt
Role Separation
Deploy a failover cluster that uses Node and File Share Disk Majority
Import-Module

21. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Execute the Set-ADServiceAccount cmdlet
Deploy a failover cluster that contains one node in each office.
Modify the local policy to point to the Internal WSUS server

22. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Administrators is the minimum group membership required to complete this procedure.
Deploy a GPO to the WebSrvOU
Windows Deployment Services (WDS)
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.

23. If you need to encrypt all data on all disks
Use a GPO to configure device installation restrictions
Then use Windows BitLocker Drive Encryption
Create a standard secondary of domain and create standard secondary of other domain.
DFL needs to be Windows Server 2008

24. New Password Policy needs to be created for OU different from domain password policy
AD Rights Management Services
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Add the new UPN suffix to the forest.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.

25. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

26. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
A Distributed File System (DFS) namespace
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Implement a Remote Desktop Connection Broker (RD Connection Broker)

27. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Ntdsutil
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Microsoft Desktop Optimization Pack (MDOP)
Creating a data collector set that kick off a scritp that either move or delete files.

28. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
AD Rights Management Services
Run auditpol and then configure the Security settings of the Domain Controllers OU.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

29. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
View properties of %systemroot%ntdsntds.dit
Then use Windows Deployment Services (WDS) on DHCP1.
AD Domains and Trusts
Assign permissions for the Groups OU and Branch OU to the help desk technicians.

30. To join a server/PC outside of the domain to the network...
Install Windows Server Backup and modify the Windows firewall settings
Raise the DFL to Windows Server 2008 R2.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
djoin /requesteodj from internal server - djoin /provision from outside server/PC

31. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Your machine and remote desktops
PowerShell 2.0
Windows Server 2003
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.

32. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Run the Delegation of Control Wizard on the Staff OU
Execute the Set-ADServiceAccount cmdlet
djoin /requesteodj from internal server - djoin /provision from outside server/PC

33. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Configure Firewall Group Policies and link them at the Domain level
Improve the performance of File Servers
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Run the Delegation of Control Wizard on the Staff OU

34. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Use a GPO to configure device installation restrictions
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Active Directory Domains and Trusts

35. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Deploy a GPO for the Sales OU
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Back up to an external USB drive by using Windows Server Backup
Recommend GPT and basic disks

36. What utility is used to see what accounts cached on RODC?
Group Policy Preferences
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Deploy a failover cluster that contains one node in each office.
Active Directory Users and Computers

37. What should be done to ensure changes made to AD objects can be logged?
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Disable Site Link Bridging from IP Properties
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU

38. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Authorization Manager role assignment
Upgrading DFS to Windows Server 2008 R2
Assign the application to all client computers by using a GPO.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

39. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Incoming external trust
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

40. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
Create and deploy a logon script that runs Auditpol.
dnscmd
Configure caching on the shared folder (offline files)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

41. What GPO setting should be configured to prevent all users from running an application?
Then use Windows BitLocker Drive Encryption
Deploy Microsoft System Center Operations Manager (SCOM)
Implement a domain-based DFS namespace that uses replication
Software Restriction Polices

42. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Add George to the Domain Admins group.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Implement Windows BitLocker Drive Encryption (BitLocker)
Then configure auto enrollment of certificates and Credential Roaming.

43. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

44. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Get-ADUser cmdlet
Additional DFS Targets
Group Policy Preferences
Configure caching on the shared folder and configure offline files to use encryption

45. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
ntdsutil
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Run adprep /forestprep and adprep /domainprep
Folder redirection. Folder redirection is also useful when using roamin profiles.

46. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Then install new Server 2008 R2 Enterprise subordinate CA.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Configure Firewall Group Policies and link them at the Domain level
Implement a domain-based DFS namespace that uses replication

47. If you want to allow single-label name resolution
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Then configure GlobalNames zones on each domain controller.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Execute the Set-ADServiceAccount cmdlet

48. File that contains the last logon time and custom attributes values for each user in your forest.
Deploy a failover cluster that contains one node in each office.
Configure authorization rules for Web developers on each web server
Get-ADUser cmdlet
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.

49. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Modify zone transfer settings for company.com zone on DCA
Basic Authentication and SSL
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

50. 2 ways to relocate user and computer accounts to different OUs
PowerShell 2.0
Configure an audit policy by editing the default domain policy and configure Event Forwarding
DSMOD - ADUC
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions