SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure the zone as an Activde Directory-Integrated zone.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Execute the Set-ADServiceAccount cmdlet
2. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Create an Active Directory-Integrated zone.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Ldp
3. You need to design your WSUS infrastructure so that updates are highly available. To do so
DSMOD
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
4. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Test-AppLockerPolicy
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Implement Windows BitLocker Drive Encryption (BitLocker)
5. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Add the user to the Domain Admins global group
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
6. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Assign the application to all client computers by using a GPO.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Enable Windows Remote Management (WinRM) on the servers.
Microsoft SharePoint Foundation 2010
7. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
8. DFL is...
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Win2000 Native
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
9. If you need to allow an external partner's computer to access internal network resources by using SSTP
Install and share a printer on a server and then enable printer pooling.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Deploy the Root CA certificate to the external computers.
Microsoft Desktop Optimization Pack (MDOP) to your company
10. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Storage manager for SANs
Then configure GlobalNames zones on each domain controller.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
11. To modify several user accounts to a new UPN suffix
DFL needs to be Windows Server 2008
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Active Directory Users and Computers utility
Create a new Password Settings Object (PSO) for the IT users.
12. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Improve the performance of File Servers
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
13. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Install From Media IFM
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
14. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Then use Windows BitLocker Drive Encryption
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Offline domain join
Active Directory Domains and Trusts
15. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Add the new UPN suffix to the forest.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
16. In order to ensure highly available Windows Update servers you should create this.
From Server1 - run the Create Basic Task Wizard
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Improve the performance of File Servers
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
17. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Multipath I/O feature
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Implement GPO for all client computers
18. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Recommend Offline Files
Implement a GPO for each domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
802.1.x NAP
19. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Configure RODC for Administrator Role Separation
20. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Configure folder redirection
Configure RODC for Administrator Role Separation
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Install and share a printer on a server and then enable printer pooling.
21. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Include a server that runs Microsoft Office SharePoint Server 2010
net stop ntds
22. To be able to user an application from one AD FS with authentication server to another...
Enable Windows Remote Management (WinRM) on the servers.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Deploy a GPO for the Sales OU
A relying party trust should be created.
23. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Certificate Templates
Administrative Role Separation
Implement Network Access Protection (NAP) that uses 802.1x enforcement
24. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Configure caching on the shared folder (offline files)
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
25. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Configure separate application pools for each application
Increase the tombstone lifetime for the forest.
FILES option within Ntdsutil
27. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Network Access Protection (NAP)
Creating a data collector set that kick off a scritp that either move or delete files.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Run adprep /forestprep and adprep /domainprep
28. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Prestage the computer account in AD
Modify the GPO to include folder redirection
Active Directory Right Management Services (AD RMS)
Deploy a GPO for the Sales OU
29. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Network Load Balancing (NLB) cluster
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
30. To allow connection to a 256 Kbps ISDN...
Active Directory Domains and Trusts
Configure RODC for Administrator Role Separation
DISABLE slow link detection in the GPO
Recommend GPT and basic disks
31. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Microsoft System Center Data Protection Manager
Windows BitLocker Drive Encryption (Bit Locker)
Incoming external trust
32. To ensure that recovery is possible if a file on a file server is deleted accidentally
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Implement Shadow Copies
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Add the user to the Domain Admins global group
33. What role to keep same time as an external server?
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Improve the performance of File Servers
Test-AppLockerPolicy
PDC emulator with w32tm.exe
34. In order to manage websites without having to logon you can use
Group Policy Preferences
PowerShell 2.0
Import-Module
Dsmgmt
35. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
ntdsutil
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
dnscmd tool
36. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
net stop ntds
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Configure authorization rules for Web developers on each web server
37. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Then use Windows Deployment Services (WDS) on DHCP1.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
38. The strongest form of NAP is
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
39. Auditing the deletion of Registry keys on all Domain Controllers
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Recommend Offline Files
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Configure RODC for Administrator Role Separation
40. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Install and share a printer on a server and then enable printer pooling.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
41. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Win2000 Native
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
The Group Policy Management Console
42. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Upgrading DFS to Windows Server 2008 R2
Implement Distributed File System Replication (DFSR) on both servers
Get-ADUser cmdlet
43. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
PDC emulator with w32tm.exe
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Create a Network Load Balancing cluster.
Additional DFS Targets
44. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Assign the application to all client computers by using a GPO.
Run adprep /forestprep and adprep /domainprep
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Active Directory Domains and Trusts
45. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
Import-Module
Test-AppLockerPolicy
Install Windows Server Backup and modify the Windows firewall settings
47. When service account passwords need to be changed for SQL they should be...
Deploy it by using Group Policy Software Installation method
Increase the tombstone lifetime for the forest.
Changed manually
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
48. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Microsoft Desktop Optimization Pack (MDOP) to your company
Implement the Windows Search Service.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
49. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Disable Site Link Bridging from the IP properties
Add the user to the Domain Admins global group
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Software Restriction Polices
50. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Recommend Group Policy preferences
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Configure Firewall Group Policies and link them at the Domain level
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
