SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Install the RSAT tool on their workstation to provide for more efficient network management
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Implement Windows System Resource Manager (WSRM)
2. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Domain based DFS namespace and configure a DFS replication group
Modify the schema of LDSInst1
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Configure Audit Special Logon and define Special Groups
3. To backup to tape/robotic tape and to backup VMs you must use...
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Microsoft System Center Data Protection Manager 2010
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
4. If a file server reaches 15% free disk space - you could free up some disk space by
Configure separate application pools for each application
Create a new Password Settings Object (PSO) for the IT users.
Modify the schema of LDSInst1
Creating a data collector set that kick off a scritp that either move or delete files.
5. To restore deleted user account from AD Recycle Bin...
Dfsrdiag
Restore-ADObject cmdlet
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Add the Windows Server Backup feature and Windows System Image recovery.
6. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Then use on install image file that contains a single install image.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Configure caching on the shared folder and configure offline files to use encryption
The Group Policy Management Console
7. To minimize the amount of storage required you should recommend
Your machine and remote desktops
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Share and Storage Management
8. To build a highly secure server cluster with a reduced attack surface area
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Add the user to the Domain Admins global group
9. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Implement Network Access Protection (NAP) that uses 802.1x enforcement
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Microsoft Desktop Optimization Pack (MDOP)
10. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
Restore-ADObject cmdlet
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Backup operator's domain local group
11. File that contains the last logon time and custom attributes values for each user in your forest.
Enable Windows Remote Management (WinRM) on the servers.
Get-ADUser cmdlet
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
12. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Win2000
Incoming external trust
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
13. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
Deploy Microsoft System Center Operations Manager (SCOM)
Folder redirection. Folder redirection is also useful when using roamin profiles.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
14. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Win2000
Implement Windows System Resource Manager (WSRM) and configure user policies
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
15. What role to keep same time as an external server?
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
PDC emulator with w32tm.exe
16. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Run adprep /forestprep and adprep /domainprep
Configure offline files and enable manual caching
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
17. You need to recommend a BitLocker recovery method you should recommend this.
Data Recovery Agent
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
18. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement Network Access Protection (NAP)
19. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
Administrative Role Separation
Software Restriction Polices
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
20. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Use a GPO to configure device installation restrictions
Microsoft System Center Data Protection Manager 2010
Deploy it by using Group Policy Software Installation method
21. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Include a server that runs Microsoft Office SharePoint Server 2010
Utilize IFM (Install From Media)
Use Netsh tool from administrator's computer.
Disable Site Link Bridging from IP Properties
22. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Authorization Manager role assignment
Autonomous mode...This allows the local administrator to approve their own updates.
Then use Windows Deployment Services (WDS) on DHCP1.
23. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
24. When service account passwords need to be changed for SQL they should be...
Configure authorization rules for Web developers on each web server
Ntfrsutil
dsa.msc - dsamain.exe - ntdsutil.exe
Changed manually
25. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Dfsrdiag
Group Policy Preferences
26. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Incoming external trust
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Autonomous mode...This allows the local administrator to approve their own updates.
27. To modify several user accounts to a new UPN suffix
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Configure block inheritance on the IT OU
Active Directory Users and Computers utility
New ACCOUNT STORE should be added and configured
28. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Configure event log subscriptions
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
29. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Printer driver isolation
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Include a server that runs Microsoft Office SharePoint Server 2010
30. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Enable Windows Remote Management (WinRM) on each server.
An Active Directory subnet object needs to be created.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Software Restriction Polices
31. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Deploy a failover cluster that contains one node in each office.
Configure the zone as an Activde Directory-Integrated zone.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
32. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Install the RSAT tool on their workstation to provide for more efficient network management
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
33. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Microsoft SharePoint Foundation 2010
Then use Windows BitLocker Drive Encryption
34. To allow a specifc user or group to manage the address information for the user accounts...
Deploy a GPO to the WebSrvOU
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Recommend Active Directory delegation
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
35. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Configure authorization rules for Web developers on each web server
802.1.x NAP
Configure block inheritance on the IT OU
Ensure your account - or the group is a member of the local Administrators group for that specific server.
36. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Then use Windows Deployment Services (WDS)
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
37. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Import-Module
38. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Event Viewer
Recommend Offline Files
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
39. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Ntfrsutil
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
40. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Modify the local policy to point to the Internal WSUS server
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Certificate Templates
41. When one needs to audit files - folders - printers and the registry enable
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Run net stop ntds
New ACCOUNT STORE should be added and configured
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
42. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Event Log Subscriptions
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
44. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
DFL needs to be Windows Server 2008
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
ntdsutil
45. 4 steps to perform authoritative restore of a deleted OU...
Run net stop ntds
Use CISCO IP Helper command to configure.
Role Separation
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
46. In order to ensure highly available Windows Update servers you should create this.
Prestage the computer account in AD
Use local roles options within "dsmgmt"
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
47. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Zone transfer settings
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Improve the performance of File Servers
48. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Domain based Distributed File System (DFS) will reduce network traffic
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Raise the DFL to Windows Server 2008 R2.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
49. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Configure caching on the shared folder (offline files)
Install Windows Server Backup and modify the Windows firewall settings
Zone transfer settings
Service user account for AD LDS
50. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Configure folder redirection
fsconfig on FSSrv2
Microsoft System Center Data Protection Manager
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
