Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Configure Firewall Group Policies and link them at the Domain level
Recommend Active Directory delegation
Backup operator's domain local group
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

2. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
File Server Resource Manager (FSRM) quotas and file screens
Configure Firewall Group Policies and link them at the Domain level
Winrm quickconfig
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers

3. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Data Recovery Agent
Implement Windows System Resource Manager (WSRM)
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

4. If you need to be able to create shared folders on Server 2008 R2
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Then use on install image file that contains a single install image.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Printer driver isolation

5. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Autonomous mode...This allows the local administrator to approve their own updates.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

6. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Add the new UPN suffix to the forest.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}

7. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
CAPublishGP group should have the Manage CA permission.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Distributed File System (DFS) Replication
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

8. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Create a MEDV workspace
Microsoft SharePoint Foundation 2010
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Windows XP Mode

9. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Perform an authoritative restore
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
FFL Windows Server 2008 R2
Dfsrdiag

10. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Microsoft Desktop Optimization Pack (MDOP) to your company
CAPublishGP group should have the Manage CA permission.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

11. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
From Server1 - run the Create Basic Task Wizard
dnscmd
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.

12. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
fsconfig on FSSrv2
Deploy it by using Group Policy Software Installation method
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

13. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Install From Media IFM
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Set-ADServiceAccount cmdlet

14. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Domain based Distributed File System (DFS) will reduce network traffic
Enable Windows Remote Management (WinRM) on the servers.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Dfsrdiag

15. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
From Server A - run Create Basic Task Wizard
Increase the tombstone lifetime for the forest.

16. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
IIS Chared Configuration
Create an e-mail account in AD DS for your RMS users
Multipath I/O feature
An Active Directory subnet object needs to be created.

17. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
IIS Manager user account
Network Load Balancing (NLB)
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Basic Authentication and SSL

18. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Use Netsh tool from administrator's computer.
Windows XP Mode
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

19. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

20. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Win2000
The Group Policy Management console
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.

21. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Configure RODC for Administrator Role Separation
Active Directory Domains and Trusts
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

22. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Add George to the Domain Admins group.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Authorization Manager role assignment
Modify the local policy to point to the Internal WSUS server

23. If a file server reaches 15% free disk space - you could free up some disk space by
Creating a data collector set that kick off a scritp that either move or delete files.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Import-Module

24. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Install Windows Server Backup and modify the Windows firewall settings
Event Viewer
Incoming external trust

25. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Microsoft System Center Data Protection Manager
Implement one LUN for the quorum and another LUN for the data
AD Rights Management Services

26. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Modify the GPO to include folder redirection
Utilize IFM (Install From Media)
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Run net stop ntds

27. You need to recommend a BitLocker recovery method you should recommend this.
Data Recovery Agent
Additional DFS Targets
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

28. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Back up to an external USB drive by using Windows Server Backup
Domain based Distributed File System (DFS) namespace and DFS Replication.
Modify the GPO to include folder redirection

29. Capture all replication errors from all your DCs to a central location...
Ldp
Configure event log subscriptions
Recommend Active Directory delegation
Install Hyper-V role and convert physical machines into virtual machines

30. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Active Directory Users and Computers
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Configure event log subscriptions

31. to prevent VMs from receiving updats from a group policy
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
WDS
Execute the Set-ADServiceAccount cmdlet
Run net stop ntds

32. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
dsa.msc - dsamain.exe - ntdsutil.exe
Active Directory Users and Computers
Set-ADServiceAccount cmdlet

33. If you need to minimize the bandwidth for installation
AD Domains and Trusts
Utilize IFM (Install From Media)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Install From Media IFM

34. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

35. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Then use Windows Deployment Services (WDS)
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement GPO for all client computers
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

36. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

37. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Network Load Balancing (NLB) cluster
Enable Credential Roaming
Implement the Windows Search Service.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

38. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Deploy a GPO for the Sales OU
Use CISCO IP Helper command to configure.
Then use Windows Deployment Services (WDS) on DHCP1.
Implement GPO for all client computers

39. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Then use on install image file that contains a single install image.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Dsmgmt

40. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Administrative Role Separation
Domain based DFS namespace and configure a DFS replication group
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Then configure GlobalNames zones on each domain controller.

41. The Computer Management snap-in allows you to create shares both on...
Configure the zone as an Activde Directory-Integrated zone.
Configure Audit Special Logon and define Special Groups
Authorization Manager
Your machine and remote desktops

42. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

43. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Data Recovery Agent
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.

44. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Configure folder redirection
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Improve the performance of File Servers

45. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
dnscmd tool
Event Subscriptions
Use a GPO to configure device installation restrictions
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

46. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Configure caching on the shared folder (offline files)
Deploy a GPO for the Sales OU
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.

47. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

48. File that contains the last logon time and custom attributes values for each user in your forest.
Get-ADUser cmdlet
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Assign the application to computers in the PC OU

49. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
WDS
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

50. If users complain that it is hard to find the shared folders on the network implement
IIS Chared Configuration
Additional DFS Targets
Ldp
Group Policy Preferences