SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Site
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
2. The strongest form of NAP is
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Microsoft System Center Data Protection Manager 2010
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
3. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Recommend GPT and basic disks
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Certificate Templates
4. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Network Load Balancing (NLB)
PowerShell 2.0
Create a Central Store
5. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Add George to the Domain Admins group.
Additional DFS Targets
Configure separate application pools for each application
6. To be able to user an application from one AD FS with authentication server to another...
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
A relying party trust should be created.
Create and deploy a logon script that runs Auditpol.
7. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Configure caching on the shared folder and configure offline files to use encryption
8. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Deploy a failover cluster that uses Node and File Share Disk Majority
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Implement a Remote Desktop Connection Broker (RD Connection Broker)
9. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Zone transfer settings
Enable Windows Remote Management (WinRM) on each server.
Domain based DFS namespace and configure a DFS replication group
10. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Create an e-mail account in AD DS for your RMS users
Administrators is the minimum group membership required to complete this procedure.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
11. If you need to allow an external partner's computer to access internal network resources by using SSTP
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Deploy the Root CA certificate to the external computers.
12. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Configure Firewall Group Policies and link them at the Domain level
13. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Modify the schema of LDSInst1
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
14. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Multipath I/O feature
A Distributed File System (DFS) namespace
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
15. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Prestage the computer account in AD
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
16. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Repadmin
Zone transfer settings
17. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Run auditpol and then configure the Security settings of the Domain Controllers OU.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
18. PowerShell script to create user accounts with passwords from a file called password.csv
Configure caching on the shared folder and configure offline files to use encryption
WSUS server in the branch office in replica mode.
Install Hyper-V role and convert physical machines into virtual machines
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
19. To minimize the amount of storage required you should recommend
Share and Storage Management
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure RODC for Administrator Role Separation
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
20. Capture all replication errors from all your DCs to a central location...
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Configure event log subscriptions
DFL needs to be Windows Server 2008
Group Policy Preferences
21. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Install the RSAT tool on their workstation to provide for more efficient network management
Configure caching on the shared folder and configure offline files to use encryption
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Create a standard secondary of domain and create standard secondary of other domain.
23. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Configure separate application pools for each application
Utilize IFM (Install From Media)
Implement Windows System Resource Manager (WSRM) and configure user policies
Microsoft Application Virtualization (AppV)
24. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Implement Network Access Protection (NAP)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
View properties of %systemroot%ntdsntds.dit
25. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Active Directory Domains and Trusts
Configure event log subscriptions
Microsoft System Center Data Protection Manager 2010
Create a Central Store
26. Striped volumes
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Network Load Balancing (NLB)
Improve the performance of File Servers
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
27. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Get-ADUser cmdlet
Properties of PSO need modified
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
28. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Create a Network Load Balancing cluster.
Active Directory Domains and Trusts
Upgrading DFS to Windows Server 2008 R2
Run net stop ntds
29. Tools to view contents of an OU in an AD snapshot...
AD RMS
Configure block inheritance on the IT OU
Dsmgmt
dsa.msc - dsamain.exe - ntdsutil.exe
30. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Install From Media IFM
Subnet object needs to be created
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Create a Central Store
31. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Microsoft System Center Data Protection Manager 2010
Deploy the Root CA certificate to the external computers.
Add the Windows Server Backup feature and Windows System Image recovery.
32. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Get-ADUser cmdlet
33. You need to allow a user to add a single computer to a domain - without any additional rights...
Import-Module
Run net stop ntds
Prestage the computer account in AD
Configure Firewall Group Policies and link them at the Domain level
34. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement Windows System Resource Manager (WSRM)
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Attach VHD file created by Windows server backup
35. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Active Directory Domains and Trusts
Backup operator's domain local group
Implement Windows System Resource Manager (WSRM) and configure user policies
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
36. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Disable Site Link Bridging from IP Properties
Disable Site Link Bridging from the IP properties
Dynamically expanding VHD's
37. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
dsa.msc - dsamain.exe - ntdsutil.exe
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
From Server1 - run the Create Basic Task Wizard
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
38. To join a server/PC outside of the domain to the network...
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Configure folder redirection
Attach VHD file created by Windows server backup
djoin /requesteodj from internal server - djoin /provision from outside server/PC
39. Can be used to install the Windows RE on existing servers
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Refresh the zone on DNS2
WDS
40. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
Data Recovery Agent
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Discover the run Microsoft Baseline Security Analyzer (MBSA)
41. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Install Hyper-V role and convert physical machines into virtual machines
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Run net stop ntds
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
42. Auditing the deletion of Registry keys on all Domain Controllers
Event Subscriptions
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Configure folder redirection
43. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Multipath I/O feature
Implement the Windows Search Service.
Folder redirection. Folder redirection is also useful when using roamin profiles.
44. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Recommend Group Policy preferences
Increase the tombstone lifetime for the forest.
Domain based Distributed File System (DFS) will reduce network traffic
Then use Windows Deployment Services (WDS)
45. A specific application requires registry modifications to be in place before installing; you should use
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Create a Network Load Balancing cluster.
Group Policy Preferences
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
46. What should be done first to defragment the AD database?
Implement one LUN for the quorum and another LUN for the data
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Run net stop ntds
Add the user to the Domain Admins global group
47. For the users that work remotely that need access to files from the corporate office you should...
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Recommend Active Directory delegation
An Active Directory subnet object needs to be created.
Recommend Offline Files
48. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Modify the schema of LDSInst1
ntdsutil
Back up to an external USB drive by using Windows Server Backup
Add George to the Domain Admins group.
49. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Windows Deployment Services (WDS)
Enable Windows Remote Management (WinRM) on the servers.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
50. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Authorization Manager
Deploy a failover cluster that contains one node in each office.
Ntfrsutil
Install Windows Server Backup and modify the Windows firewall settings
