SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Restore-ADObject cmdlet
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Implement one LUN for the quorum and another LUN for the data
3. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Domain based DFS namespace and configure a DFS replication group
Use a GPO to configure device installation restrictions
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Refresh the zone on DNS2
4. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Implement Windows System Resource Manager (WSRM)
Subnet object needs to be created
5. Need to ensure users receive updated template within five days...
Autonomous mode...This allows the local administrator to approve their own updates.
Registry on users computer needs to be modified
Deploy the Root CA certificate to the external computers.
Network Load Balancing (NLB) cluster
6. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Domain based DFS namespace and configure a DFS replication group
Configure Audit Special Logon and define Special Groups
7. To allow a user to administer Active Directory
Add the user to the Domain Admins global group
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Implement one LUN for the quorum and another LUN for the data
8. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Implement the Windows Search Service.
Configure authorization rules for Web developers on each web server
9. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Refresh the zone on DNS2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Implement the Windows Search Service.
Administrators is the minimum group membership required to complete this procedure.
10. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
11. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Authorization Manager
A Distributed File System (DFS) namespace
Create a Network Load Balancing cluster.
12. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
13. To delegate authority to users to manage only certain areas in Hyper-V use the
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Incoming external trust
Authorization Manager role assignment
14. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Dsmgmt
Add the user to the Domain Admins global group
Test-AppLockerPolicy
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
15. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
An Active Directory subnet object needs to be created.
Configure caching on the shared folder (offline files)
Data Recovery Agent
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
16. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Group Policy Preferences
AD Rights Management Services
Microsoft Desktop Optimization Pack (MDOP)
Implement Network Access Protection (NAP)
17. What should be done to ensure changes made to AD objects can be logged?
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Implement one LUN for the quorum and another LUN for the data
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
18. 2 ways to relocate user and computer accounts to different OUs
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
DSMOD - ADUC
PowerShell 2.0
Modify the schema of LDSInst1
19. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Data Recovery Agent
Run net stop ntds
Subnet object needs to be created
Test-AppLockerPolicy
20. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Configure separate application pools for each application
Attach VHD file created by Windows server backup
Use Netsh tool from administrator's computer.
21. UPN Suffix xxxx.com needs to be available for user accounts...
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Modify the schema of LDSInst1
Add the new UPN Suffix to the forest
Configure event log subscriptions
22. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
23. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Implement Network Access Protection (NAP)
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
24. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
25. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. to make shares at a remote location available to users you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Active Directory snapshots and Tombstone reanimation
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Event Log Subscriptions
27. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Changed manually
Basic Authentication and SSL
Modify the local policy to point to the Internal WSUS server
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
28. Tools to view contents of an OU in an AD snapshot...
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Back up to an external USB drive by using Windows Server Backup
Add the Windows Server Backup feature and Windows System Image recovery.
dsa.msc - dsamain.exe - ntdsutil.exe
29. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Purchase one additional Enterprise License
Then use on install image file that contains a single install image.
Event Log Subscriptions
Implement a Remote Desktop Connection Broker (RD Connection Broker)
30. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Dfsrdiag
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Event Log Subscriptions
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
31. A specific application requires registry modifications to be in place before installing; you should use
Assign the application to all client computers by using a GPO.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Group Policy Preferences
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
32. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Network Load Balancing (NLB)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install Windows Server Backup and modify the Windows firewall settings
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
33. You need to ensure that the guest account on all servers is disabled to
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Deploy Microsoft System Center Operations Manager (SCOM)
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
34. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Configure folder redirection
Windows XP Mode
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
35. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
FFL Windows Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Repadmin
36. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Then configure GlobalNames zones on each domain controller.
Modify zone transfer settings for company.com zone on DCA
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
37. Jack and Jill go up the hill - both with a buck and a quarter
Jill came down with 2.50.
Install Hyper-V role and convert physical machines into virtual machines
File Server Resource Manager (FSRM) quotas and file screens
Microsoft Application Virtualization (AppV)
38. To join a server/PC outside of the domain to the network...
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Disable Site Link Bridging from IP Properties
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
39. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Install Windows Server Backup and modify the Windows firewall settings
Domain based DFS namespace and configure a DFS replication group
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
40. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Create a Central Store
Creating a data collector set that kick off a scritp that either move or delete files.
Dynamically expanding VHD's
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
41. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Windows Server 2003
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
42. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Dsmgmt
Domain based Distributed File System (DFS) namespace and DFS Replication.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
43. To configure AD FS so tokens contain information from Active Directory domain...
New ACCOUNT STORE should be added and configured
Active Directory Right Management Services (AD RMS)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
44. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Enable Credential Roaming
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
45. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Implement a domain-based DFS namespace that uses replication
46. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Configure Audit Special Logon and define Special Groups
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Create an Active Directory-Integrated zone.
Add George to the Domain Admins group.
47. Ensure password length for a group set to 12 characters long while others keep password policy
Configure separate application pools for each application
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Add-ADFineGrainedPasswordPolicySubject cmdlet
Refresh the zone on DNS2
48. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Create a MEDV workspace
Dynamically expanding VHD's
Network Load Balancing (NLB) cluster
49. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Ntfrsutil
Ntdsutil
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Domain based DFS namespace and configure a DFS replication group
50. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Enable Windows Remote Management (WinRM) on the servers.
CAPublishGP group should have the Manage CA permission.
