SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Site
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Network Load Balancing (NLB)
2. For the users that work remotely that need access to files from the corporate office you should...
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Recommend Offline Files
MEDV to deploy virtual desktops
Windows System Resource Manager (WSRM)
3. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Modify the GPO to include folder redirection
4. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Then use Windows Deployment Services (WDS)
The Group Policy Management console
Implement Network Access Protection (NAP)
Dfsrdiag
5. Can be used to install the Windows RE on existing servers
WDS
Domain based Distributed File System (DFS) will reduce network traffic
NOT be able to store that data on an iSCSI SAN
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
6. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Add the user to the Domain Admins global group
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Implement Network Access Protection (NAP)
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
7. You need a solution that meets policy while minimizing hardware and software costs
Then install new Server 2008 R2 Enterprise subordinate CA.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement GPO for all client computers
Create a new Password Settings Object (PSO) for the IT users.
8. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Autonomous mode...This allows the local administrator to approve their own updates.
Add the new UPN suffix to the forest.
Then use on install image file that contains a single install image.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
9. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Then use Windows Deployment Services (WDS) on DHCP1.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Assign the application to computers in the PC OU
DSMOD
10. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Restore-ADObject cmdlet
Subnet object needs to be created
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
11. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
12. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Registry on users computer needs to be modified
Add the new UPN suffix to the forest.
Implement Windows System Resource Manager (WSRM)
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
13. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Run net stop ntds
From Server1 - run the Create Basic Task Wizard
Add the new UPN suffix to the forest.
14. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Add George to the Domain Admins group.
Windows Server 2003
Create a MEDV workspace
Dfsrdiag
15. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
The Group Policy Management console
Recommend GPT and basic disks
Test-AppLockerPolicy
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
16. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Microsoft System Center Data Protection Manager
17. To build a highly secure server cluster with a reduced attack surface area
Disable Site Link Bridging from IP Properties
Add the user to the Domain Admins global group
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
18. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Implement a domain-based DFS namespace that uses replication
The Group Policy Management console
Set-ADServiceAccount cmdlet
Modify the local policy to point to the Internal WSUS server
19. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Upgrading DFS to Windows Server 2008 R2
Include a server that runs Microsoft Office SharePoint Server 2010
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
20. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Add the new UPN Suffix to the forest
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Active Directory Right Management Services (AD RMS)
Additional DFS Targets
21. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Active Directory Right Management Services (AD RMS)
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Data Recovery Agent
22. To minimize the amount of storage required you should recommend
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Share and Storage Management
Enable Credential Roaming
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
23. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Configure offline files and enable manual caching
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
IIS Manager user account
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
24. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Multipath I/O feature
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
25. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Configure block inheritance on the IT OU
Add-ADFineGrainedPasswordPolicySubject cmdlet
Configure separate application pools for each application
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
26. To be able to user an application from one AD FS with authentication server to another...
A relying party trust should be created.
Upgrading DFS to Windows Server 2008 R2
Discover the run Microsoft Baseline Security Analyzer (MBSA)
PowerShell 2.0
27. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Incoming external trust
Enable - ADoptionalFeature cmdlet
28. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Implement Network Access Protection (NAP)
Deploy the Root CA certificate to the external computers.
Share and Storage Management
Implement a domain-based DFS namespace that uses replication
29. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Configure the zone as an Activde Directory-Integrated zone.
ntdsutil
30. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Test-AppLockerPolicy
Modify properties of RODC server computer account.
Implement GPO for all client computers
Set-ADServiceAccount cmdlet
31. To back up your Hyper-VMs and the Hyper-V host; for each VM -
IIS Chared Configuration
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Changed manually
32. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
33. What utility is used to see what accounts cached on RODC?
Active Directory Users and Computers
Use local roles options within "dsmgmt"
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Software Restriction Polices
34. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Create a standard secondary of domain and create standard secondary of other domain.
Purchase one additional Enterprise License
Folder redirection. Folder redirection is also useful when using roamin profiles.
Create an e-mail account in AD DS for your RMS users
35. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
WSUS server in the branch office in replica mode.
Network Load Balancing (NLB) cluster
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
36. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Disable Site Link Bridging from IP Properties
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Upgrading DFS to Windows Server 2008 R2
37. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Test-AppLockerPolicy
802.1.x NAP
Domain based Distributed File System (DFS) will reduce network traffic
38. To configure Administrator Role Separation for an RODC
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Microsoft System Center Data Protection Manager 2010
39. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Modify the local policy to point to the Internal WSUS server
DSMOD
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
40. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Administrative Role Separation
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Create and deploy a logon script that runs Auditpol.
41. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Microsoft Desktop Optimization Pack (MDOP) to your company
Create an e-mail account in AD DS for your RMS users.
Create a MEDV workspace
42. You need to recommend a BitLocker recovery method you should recommend this.
Administrators is the minimum group membership required to complete this procedure.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Data Recovery Agent
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
43. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Modify zone transfer settings for company.com zone on DCA
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
44. To allow connection to a 256 Kbps ISDN...
Domain based Distributed File System (DFS) namespace and DFS Replication.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
DISABLE slow link detection in the GPO
45. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Enable Windows Remote Management (WinRM) on each server.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Offline domain join
Install Hyper-V role and convert physical machines into virtual machines
46. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Configure block inheritance on the IT OU
Run adprep /forestprep and adprep /domainprep
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
47. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Incoming external trust
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Certificate Templates
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
48. To restore deleted user account from AD Recycle Bin...
Recommend GPT and basic disks
Restore-ADObject cmdlet
Configure separate application pools for each application
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
49. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Printer driver isolation
Refresh the zone on DNS2
Implement File Server Resource Manager (FSRM) quotas on the desired servers
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
50. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Configure event log subscriptions
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Add the new UPN suffix to the forest.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests