SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to recommend a BitLocker recovery method you should recommend this.
Data Recovery Agent
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
2. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Folder redirection. Folder redirection is also useful when using roamin profiles.
Create an Active Directory-Integrated zone.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Test-AppLockerPolicy
3. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Winrm quickconfig
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
4. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Deploy Microsoft System Center Operations Manager (SCOM)
Back up to an external USB drive by using Windows Server Backup
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Execute the Set-ADServiceAccount cmdlet
5. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
dsa.msc - dsamain.exe - ntdsutil.exe
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Create a MEDV workspace
6. What should be done to ensure changes made to AD objects can be logged?
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Run adprep /forestprep and adprep /domainprep
Deploy it by using Group Policy Software Installation method
A Distributed File System (DFS) namespace
7. You need to deploy a sales application that only the sales users must have access to
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Deploy a GPO for the Sales OU
8. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Zone transfer settings
Use local roles options within "dsmgmt"
Network Load Balancing (NLB) cluster
Enable Windows Remote Management (WinRM) on the servers.
9. New password settings object (PSO) created and needs to be applied to user
Enable Windows Remote Management (WinRM) on the servers.
Properties of PSO need modified
Then use Windows Deployment Services (WDS)
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
10. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Microsoft System Center Data Protection Manager
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
11. A specific application requires registry modifications to be in place before installing; you should use
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Group Policy Preferences
Run auditpol and then configure the Security settings of the Domain Controllers OU.
12. 2 ways to relocate user and computer accounts to different OUs
Disable Site Link Bridging from the IP properties
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
DSMOD - ADUC
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
13. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Then configure auto enrollment of certificates and Credential Roaming.
Network Load Balancing (NLB) cluster
View properties of %systemroot%ntdsntds.dit
14. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Your machine and remote desktops
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure event log subscriptions
15. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Implement Windows System Resource Manager (WSRM)
Active Directory Users and Computers utility
Administrators is the minimum group membership required to complete this procedure.
Group Policy Preferences
16. To minimize the amount of storage required you should recommend
Create an Active Directory-Integrated zone.
Share and Storage Management
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Offline domain join
17. 4 steps to perform authoritative restore of a deleted OU...
Domain based Distributed File System (DFS) namespace and DFS Replication.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Site
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
18. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Add the Windows Server Backup feature and Windows System Image recovery.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Ldp
Implement folder redirection by using GPO. Then backup the folder redirection target.
19. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement a GPO for each domain
20. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
AD RMS
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Domain based DFS namespace and configure a DFS replication group
Windows BitLocker Drive Encryption (Bit Locker)
21. When one needs to audit files - folders - printers and the registry enable
Windows Server 2003
Subnet object needs to be created
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
22. In order to ensure highly available Windows Update servers you should create this.
Create a new Password Settings Object (PSO) for the IT users.
Active Directory Users and Computers utility
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
An Active Directory subnet object needs to be created.
23. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Use a GPO to configure device installation restrictions
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
24. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Microsoft Desktop Optimization Pack (MDOP)
From Server1 - run the Create Basic Task Wizard
ntdsutil
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
25. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Execute the Set-ADServiceAccount cmdlet
Win2000
26. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
27. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Microsoft Application Virtualization (AppV)
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure folder redirection
dnscmd
28. To ensure that a file on a file server do not leave the organization you must implement this.
View properties of %systemroot%ntdsntds.dit
AD RMS
Run the Delegation of Control Wizard on the Staff OU
Improve the performance of File Servers
29. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Use the Local Roles options with dsmgmt.
Implement one LUN for the quorum and another LUN for the data
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create a MEDV workspace
30. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
31. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Install the RSAT tool on their workstation to provide for more efficient network management
Role Separation
Configure Firewall Group Policies and link them at the Domain level
32. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Use a GPO to configure device installation restrictions
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
33. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Recommend Active Directory delegation
An Active Directory subnet object needs to be created.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement Windows System Resource Manager (WSRM)
34. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Winrm quickconfig
NOT be able to store that data on an iSCSI SAN
Deploy a failover cluster that contains one node in each office.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
35. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Software Restriction Polices
Administrative Role Separation
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Then install new Server 2008 R2 Enterprise subordinate CA.
36. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Raise the DFL to Windows Server 2008 R2.
Configure block inheritance on the IT OU
net stop ntds
Incoming external trust
37. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
38. If you need to ensure that data is protected by BitLocker then you will...
Windows System Resource Manager (WSRM)
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
NOT be able to store that data on an iSCSI SAN
Create a MEDV workspace
39. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Create an Active Directory-Integrated zone.
Microsoft System Center Data Protection Manager
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Incoming external trust
40. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Assign the application to computers in the PC OU
Configure offline files and enable manual caching
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
41. Capture all replication errors from all your DCs to a central location...
Enable Credential Roaming
Configure event log subscriptions
dsa.msc - dsamain.exe - ntdsutil.exe
Implement the Windows Search Service.
42. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Network Load Balancing (NLB)
Folder redirection. Folder redirection is also useful when using roamin profiles.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
43. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Then install new Server 2008 R2 Enterprise subordinate CA.
Authorization Manager
Use the Local Roles options with dsmgmt.
Enable Windows Remote Management (WinRM) on each server.
44. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Microsoft System Center Data Protection Manager 2010
Additional DFS Targets
45. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Group Policy Preferences
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Windows System Resource Manager (WSRM)
AD Rights Management Services
46. What utility is used to see what accounts cached on RODC?
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Active Directory Users and Computers
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Dsmgmt
47. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Deploy it by using Group Policy Software Installation method
Enable - ADoptionalFeature cmdlet
Implement a domain-based DFS namespace that uses replication
48. What GPO setting should be configured to prevent all users from running an application?
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Software Restriction Polices
Group Policy Preferences
Execute the Set-ADServiceAccount cmdlet
49. Tools to view contents of an OU in an AD snapshot...
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Increase the tombstone lifetime for the forest.
dsa.msc - dsamain.exe - ntdsutil.exe
Basic Authentication and SSL
50. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Win2000
Basic Authentication and SSL
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
