Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Recommend GPT and basic disks
Dfsrdiag

2. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Add the new UPN suffix to the forest.
Run the Delegation of Control Wizard on the Staff OU
From Server A - run Create Basic Task Wizard
WSUS server in the branch office in replica mode.

3. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Active Directory snapshots and Tombstone reanimation
Additional DFS Targets

4. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Domain based DFS namespace and configure a DFS replication group
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Raise the DFL to Windows Server 2008 R2.

5. To help restrict access to Windows 7 computer in the event that it gets stolen implement
CAPublishGP group should have the Manage CA permission.
Windows BitLocker Drive Encryption (Bit Locker)
Win2000
Install Hyper-V role and convert physical machines into virtual machines

6. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
DFL needs to be Windows Server 2008
Then configure auto enrollment of certificates and Credential Roaming.
Test-AppLockerPolicy
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

7. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement Shadow Copies
Use Netsh tool from administrator's computer.
net stop ntds
Data Recovery Agent

8. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Your machine and remote desktops
Administrative Role Separation
Service user account for AD LDS

9. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Install the RSAT tool on their workstation to provide for more efficient network management

10. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Create an Active Directory-Integrated zone.

11. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows Deployment Services (WDS)
WSUS server in the branch office in replica mode.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Software Restriction Polices

12. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Run net stop ntds
Run adprep /forestprep and adprep /domainprep
Create an Active Directory-Integrated zone.

13. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Recommend Group Policy preferences
MEDV to deploy virtual desktops
Enable Credential Roaming
AD RMS

14. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Utilize IFM (Install From Media)
Windows Deployment Services (WDS)
Event Log Subscriptions
Windows System Resource Manager (WSRM)

15. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

16. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Create an e-mail account in AD DS for your RMS users
Implement Network Access Protection (NAP)
Implement Shadow Copies
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

17. To restore previous version of script without taking up too much of time...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Attach VHD file created by Windows server backup

18. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

19. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Dsmgmt
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Dynamically expanding VHD's

20. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Implement Windows System Resource Manager (WSRM)
IIS Manager user account
Microsoft Application Virtualization (AppV)

21. When recommending a monitoring solution for an application so that it's events can be stored in a central
Ntdsutil
Event Subscriptions
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Run the Delegation of Control Wizard on the Staff OU

22. You need to ensure that the guest account on all servers is disabled to
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Certificate Templates
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

23. The strongest form of NAP is
Add the user to the Domain Admins global group
dnscmd tool
Windows System Resource Manager (WSRM)
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.

24. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Dsmgmt
Create a new Password Settings Object (PSO) for the IT users.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Ensure your account - or the group is a member of the local Administrators group for that specific server.

25. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Enable Windows Remote Management (WinRM) on the servers.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)

26. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Distributed File System (DFS) Replication
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Include a server that runs Microsoft Office SharePoint Server 2010
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.

27. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Active Directory Users and Computers utility
Additional DFS Targets
Then use Windows Deployment Services (WDS)
An Active Directory subnet object needs to be created.

28. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Create an e-mail account in AD DS for your RMS users.
Recommend Offline Files
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

29. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Purchase one additional Enterprise License
Get-ADUser cmdlet

30. Auditing the deletion of Registry keys on all Domain Controllers
Ntfrsutil
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

31. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Execute the Set-ADServiceAccount cmdlet
Active Directory Users and Computers utility
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Active Directory Users and Computers

32. The Computer Management snap-in allows you to create shares both on...
Your machine and remote desktops
The Group Policy Management console
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files

33. Striped volumes
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Improve the performance of File Servers
Create and deploy a logon script that runs Auditpol.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

34. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Incoming external trust
Configure Firewall Group Policies and link them at the Domain level
Implement Network Access Protection (NAP)
Network Load Balancing (NLB)

35. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Use the Local Roles options with dsmgmt.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
An Active Directory subnet object needs to be created.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.

36. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Create an Active Directory-Integrated zone.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.

37. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
The Group Policy Management console
Implement one LUN for the quorum and another LUN for the data
Perform an authoritative restore

38. to prevent VMs from receiving updats from a group policy
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Then use on install image file that contains a single install image.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Execute the Set-ADServiceAccount cmdlet

39. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Implement folder redirection by using GPO. Then backup the folder redirection target.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Then configure GlobalNames zones on each domain controller.

40. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Implement Windows System Resource Manager (WSRM) and configure user policies
Upgrading DFS to Windows Server 2008 R2
Modify properties of RODC server computer account.

41. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
From Server A - run Create Basic Task Wizard
Dfsrdiag
Configure folder redirection
Registry on users computer needs to be modified

42. Jack and Jill go up the hill - both with a buck and a quarter
Changed manually
Implement a domain-based DFS namespace that uses replication
Software Restriction Polices
Jill came down with 2.50.

43. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy the Root CA certificate to the external computers.
Use Netsh tool from administrator's computer.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Implement Shadow Copies

44. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Software Restriction Polices
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Create a standard secondary of domain and create standard secondary of other domain.
Changed manually

45. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Raise the DFL to Windows Server 2008 R2.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.

46. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Deploy Microsoft System Center Operations Manager (SCOM)
Zone transfer settings
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)

47. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Distributed File System (DFS) Replication
Add the Windows Server Backup feature and Windows System Image recovery.

48. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

49. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Modify zone transfer settings for company.com zone on DCA
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Deploy it by using Group Policy Software Installation method

50. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183