SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Microsoft Desktop Optimization Pack (MDOP)
Microsoft SharePoint Foundation 2010
Dynamically expanding VHD's
AD RMS
2. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Site
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
3. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
WDS
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Create a standard secondary of domain and create standard secondary of other domain.
4. To determine size of AD database file...
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
View properties of %systemroot%ntdsntds.dit
WDS
Microsoft Application Virtualization (AppV)
5. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
DSMOD
Implement GPO for all client computers
Execute the Set-ADServiceAccount cmdlet
Configure caching on the shared folder (offline files)
6. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Configure Firewall Group Policies and link them at the Domain level
Implement GPO for all client computers
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
7. If you need to ensure that data is protected by BitLocker then you will...
NOT be able to store that data on an iSCSI SAN
802.1.x NAP
Storage manager for SANs
Then use Windows Deployment Services (WDS)
8. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Modify the schema of LDSInst1
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
9. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Modify properties of RODC server computer account.
10. Auditing the deletion of Registry keys on all Domain Controllers
Deploy a failover cluster that uses Node and File Share Disk Majority
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Then use Windows Deployment Services (WDS) on DHCP1.
11. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Windows XP Mode
FFL Windows Server 2008 R2
dnscmd tool
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
12. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Raise the DFL to Windows Server 2008 R2.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install the RSAT tool on their workstation to provide for more efficient network management
13. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Domain based Distributed File System (DFS) will reduce network traffic
From Server1 - run the Create Basic Task Wizard
14. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Raise the DFL to Windows Server 2008 R2.
New ACCOUNT STORE should be added and configured
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
15. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
A relying party trust should be created.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Use local roles options within "dsmgmt"
Creating a data collector set that kick off a scritp that either move or delete files.
16. A specific application requires registry modifications to be in place before installing; you should use
dnscmd
Create a standard secondary of domain and create standard secondary of other domain.
Implement Windows System Resource Manager (WSRM)
Group Policy Preferences
17. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Assign the application to computers in the PC OU
802.1.x NAP
Ntfrsutil
Configure separate application pools for each application
18. Tools to view contents of an OU in an AD snapshot...
Utilize IFM (Install From Media)
Authorization Manager role assignment
DFL needs to be Windows Server 2008
dsa.msc - dsamain.exe - ntdsutil.exe
19. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Install Hyper-V role and convert physical machines into virtual machines
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Windows BitLocker Drive Encryption (BitLocker)
20. To deploy templates across the organization
Distributed File System (DFS) Replication
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
CAPublishGP group should have the Manage CA permission.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
21. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Use CISCO IP Helper command to configure.
Implement folder redirection by using GPO. Then backup the folder redirection target.
22. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Creating a data collector set that kick off a scritp that either move or delete files.
Implement Network Access Protection (NAP)
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Microsoft Application Virtualization (AppV)
23. You need to recommend a BitLocker recovery method you should recommend this.
Configure RODC for Administrator Role Separation
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Data Recovery Agent
Use CISCO IP Helper command to configure.
24. Tool to change Directory Services Restore Mode password on Domain Controller...
A Distributed File System (DFS) namespace
ntdsutil
Create an e-mail account in AD DS for your RMS users
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
25. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. DFL is...
Win2000 Native
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
27. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
28. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Microsoft System Center Data Protection Manager 2010
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
29. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Role Separation
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Enable - ADoptionalFeature cmdlet
Use a GPO to configure device installation restrictions
30. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Printer driver isolation
Windows Deployment Services (WDS)
Restore-ADObject cmdlet
Configure separate application pools for each application
31. To delegate authority to users to manage only certain areas in Hyper-V use the
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Authorization Manager role assignment
32. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Create a MEDV workspace
Assign the application to all client computers by using a GPO.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Active Directory Domains and Trusts
33. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Use CISCO IP Helper command to configure.
Utilize IFM (Install From Media)
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Refresh the zone on DNS2
34. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
dnscmd tool
35. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Create a standard secondary of domain and create standard secondary of other domain.
Enable Credential Roaming
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
36. To restore previous version of script without taking up too much of time...
dnscmd
Administrative Role Separation
Attach VHD file created by Windows server backup
Then use on install image file that contains a single install image.
37. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
38. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Create a Network Load Balancing cluster.
Deploy a failover cluster that uses Node and File Share Disk Majority
Ntfrsutil
Properties of PSO need modified
39. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Multipath I/O feature
Dsmgmt
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Group Policy Preferences
40. To prevent account password from being cached on RODC server...
Create a Network Load Balancing cluster.
View properties of %systemroot%ntdsntds.dit
A Distributed File System (DFS) namespace
Modify properties of RODC server computer account.
41. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Use a GPO to configure device installation restrictions
Then use Windows Deployment Services (WDS)
New ACCOUNT STORE should be added and configured
Run the Delegation of Control Wizard on the Staff OU
42. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Configure caching on the shared folder (offline files)
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
43. to make shares at a remote location available to users you should implement this.
Configure Audit Special Logon and define Special Groups
Registry on users computer needs to be modified
Domain based Distributed File System (DFS) namespace and DFS Replication.
Repadmin
44. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Dsmgmt
Subnet object needs to be created
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
45. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Creating a data collector set that kick off a scritp that either move or delete files.
Purchase one additional Enterprise License
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
46. Need to ensure users receive updated template within five days...
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Restore-ADObject cmdlet
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Registry on users computer needs to be modified
47. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
48. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Subnet object needs to be created
Install Hyper-V role and convert physical machines into virtual machines
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
49. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Recommend Offline Files
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
DSMOD
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
50. If you need to minimize the bandwidth for installation
Deploy a GPO for the Sales OU
Utilize IFM (Install From Media)
Windows Deployment Services (WDS)
Purchase one additional Enterprise License
