SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Software Restriction Polices
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Deploy a GPO for the Sales OU
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
2. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploy a GPO for the Sales OU
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
3. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Install From Media IFM
NOT be able to store that data on an iSCSI SAN
Modify the local policy to point to the Internal WSUS server
4. to make shares at a remote location available to users you should implement this.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
5. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Create a Central Store
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Recommend Group Policy preferences
IIS Chared Configuration
6. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Implement the Windows Search Service.
Use the Local Roles options with dsmgmt.
7. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Prestage the computer account in AD
Implement Network Access Protection (NAP)
Create and deploy a logon script that runs Auditpol.
8. What GPO setting should be configured to prevent all users from running an application?
Deploy a failover cluster that uses Node and File Share Disk Majority
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Software Restriction Polices
Implement Network Access Protection (NAP) that uses 802.1x enforcement
9. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Win2000 Native
Enable Windows Remote Management (WinRM) on each server.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
10. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Configure caching on the shared folder (offline files)
Use a GPO to configure device installation restrictions
Changed manually
Create ADMX and ADML files. Configure the GPO and link it to the domain.
11. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
The Group Policy Management console
View properties of %systemroot%ntdsntds.dit
Configure Firewall Group Policies and link them at the Domain level
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
12. What should be done first to defragment the AD database?
Implement one LUN for the quorum and another LUN for the data
Run net stop ntds
Configure authorization rules for Web developers on each web server
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
13. To prevent account password from being cached on RODC server...
Implement Windows System Resource Manager (WSRM)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Modify properties of RODC server computer account.
AD Domains and Trusts
14. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
DISABLE slow link detection in the GPO
15. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Modify properties of RODC server computer account.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
dsa.msc - dsamain.exe - ntdsutil.exe
16. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Run adprep /forestprep and adprep /domainprep
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Deploy a GPO for the Sales OU
Discover the run Microsoft Baseline Security Analyzer (MBSA)
17. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Purchase one additional Enterprise License
Group Policy Preferences
File Server Resource Manager (FSRM) quotas and file screens
18. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Use Netsh tool from administrator's computer.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Authorization Manager
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
19. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
ntdsutil
Create a Network Load Balancing cluster.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
20. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Group Policy Preferences
Implement the Windows Search Service.
21. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Restore-ADObject cmdlet
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
22. To configure Administrator Role Separation for an RODC
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
DSMOD - ADUC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Then install new Server 2008 R2 Enterprise subordinate CA.
23. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Domain based Distributed File System (DFS) will reduce network traffic
Run adprep /forestprep and adprep /domainprep
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
View properties of %systemroot%ntdsntds.dit
24. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Back up to an external USB drive by using Windows Server Backup
Use the Local Roles options with dsmgmt.
Create and deploy a logon script that runs Auditpol.
25. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Microsoft System Center Data Protection Manager 2010
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
26. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Create a MEDV workspace
Assign the application to all client computers by using a GPO.
Windows System Resource Manager (WSRM)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
27. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Import-Module
The Group Policy Management console
28. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Then use Windows BitLocker Drive Encryption
Repadmin
Windows System Resource Manager (WSRM)
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
29. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Registry on users computer needs to be modified
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Deploy Microsoft System Center Operations Manager (SCOM)
Windows Server 2003
30. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Implement a GPO for each domain
Site
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Implement GPO for all client computers
31. In order to manage websites without having to logon you can use
Create and deploy a logon script that runs Auditpol.
802.1.x NAP
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
PowerShell 2.0
32. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Passive file screens
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
33. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Configure authorization rules for Web developers on each web server
Certificate Templates
Create a new Password Settings Object (PSO) for the IT users.
Set-ADServiceAccount cmdlet
34. To be able to manage all the corporate servers from a workstation - you must install the
Create an Active Directory-Integrated zone.
Purchase one additional Enterprise License
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Create a Network Load Balancing cluster.
35. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Deploy Microsoft System Center Operations Manager (SCOM)
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then use Windows BitLocker Drive Encryption
36. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Test-AppLockerPolicy
dnscmd tool
Backup operator's domain local group
Domain based DFS namespace and configure a DFS replication group
37. Can be used to install the Windows RE on existing servers
WDS
Properties of PSO need modified
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
38. To add a new UPN for all user accounts...
Utilize IFM (Install From Media)
AD Domains and Trusts
Service user account for AD LDS
Deploy it by using Group Policy Software Installation method
39. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Winrm quickconfig
Modify the schema of LDSInst1
40. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Domain based DFS namespace and configure a DFS replication group
Deploy it by using Group Policy Software Installation method
41. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
MEDV to deploy virtual desktops
Dfsrdiag
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
42. If you need to minimize the bandwidth for installation
Add the new UPN Suffix to the forest
Domain based DFS namespace and configure a DFS replication group
Utilize IFM (Install From Media)
Include a server that runs Microsoft Office SharePoint Server 2010
43. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Modify the local policy to point to the Internal WSUS server
A Distributed File System (DFS) namespace
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
802.1.x NAP
44. Need to ensure users receive updated template within five days...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Create ADMX and ADML files. Configure the GPO and link it to the domain.
net stop ntds
Registry on users computer needs to be modified
45. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Add the Windows Server Backup feature and Windows System Image recovery.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Data Recovery Agent
Implement GPO for all client computers
47. Capture all replication errors from all your DCs to a central location...
Perform an authoritative restore
fsconfig on FSSrv2
Configure event log subscriptions
Add-ADFineGrainedPasswordPolicySubject cmdlet
48. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Incoming external trust
Implement a Remote Desktop Connection Broker (RD Connection Broker)
AD RMS
Implement the Windows Search Service.
49. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Assign the application to computers in the PC OU
802.1.x NAP
Modify properties of RODC server computer account.
Purchase one additional Enterprise License
50. To join a server/PC outside of the domain to the network...
Then configure auto enrollment of certificates and Credential Roaming.
Network Load Balancing (NLB) cluster
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Modify properties of RODC server computer account.
