SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If a file server reaches 15% free disk space - you could free up some disk space by
Enable - ADoptionalFeature cmdlet
Creating a data collector set that kick off a scritp that either move or delete files.
Add the user to the Domain Admins global group
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
2. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure folder redirection
3. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Event Log Subscriptions
Active Directory Domains and Trusts
Disable Site Link Bridging from the IP properties
4. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Ntfrsutil
Your machine and remote desktops
Include a server that runs Microsoft Office SharePoint Server 2010
FILES option within Ntdsutil
5. What utility is used to see what accounts cached on RODC?
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Execute the Set-ADServiceAccount cmdlet
Active Directory Users and Computers
dsa.msc - dsamain.exe - ntdsutil.exe
6. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
MEDV to deploy virtual desktops
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Microsoft System Center Data Protection Manager
Group Policy Preferences
7. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows Deployment Services (WDS)
Deploy the Root CA certificate to the external computers.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
8. Need to ensure users receive updated template within five days...
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Registry on users computer needs to be modified
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
9. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Configure RODC for Administrator Role Separation
Windows System Resource Manager (WSRM)
Creating a data collector set that kick off a scritp that either move or delete files.
Import-Module
10. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Subnet object needs to be created
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Ntdsutil
Use the Local Roles options with dsmgmt.
11. to make shares at a remote location available to users you should implement this.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Use a GPO to configure device installation restrictions
Authorization Manager
12. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Dsmgmt
Authorization Manager
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Windows System Resource Manager (WSRM)
13. To update ADRMS password...
AD Rights Management Services
Then use Windows BitLocker Drive Encryption
Configure block inheritance on the IT OU
Create an e-mail account in AD DS for your RMS users.
14. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
IIS Manager user account
Then use Windows BitLocker Drive Encryption
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
15. To prevent account password from being cached on RODC server...
dsa.msc - dsamain.exe - ntdsutil.exe
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Modify properties of RODC server computer account.
PowerShell 2.0
16. Need to access some resources in another domain that is part of another forest...What trust is created?
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Assign the application to all client computers by using a GPO.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Incoming external trust
17. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Basic Authentication and SSL
18. To delegate authority to users to manage only certain areas in Hyper-V use the
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Authorization Manager role assignment
Create a MEDV workspace
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
19. To minimize the amount of storage required you should recommend
AD Domains and Trusts
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
net stop ntds
Share and Storage Management
20. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Run adprep /forestprep and adprep /domainprep
21. To allow a user to administer Active Directory
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Then use Windows Deployment Services (WDS)
Winrm quickconfig
Add the user to the Domain Admins global group
22. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Implement Network Access Protection (NAP)
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
From Server1 - run the Create Basic Task Wizard
23. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Create a Network Load Balancing cluster.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Software Restriction Polices
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
24. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Role Separation
Implement Windows System Resource Manager (WSRM) and configure user policies
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
25. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
CAPublishGP group should have the Manage CA permission.
Test-AppLockerPolicy
Role Separation
Deploy a failover cluster that uses Node and File Share Disk Majority
26. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Implement one LUN for the quorum and another LUN for the data
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
27. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Zone transfer settings
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Windows Server 2003
dnscmd
28. If you need to delegate control of server to remote admins group
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Creating a data collector set that kick off a scritp that either move or delete files.
Configure RODC for Administrator Role Separation
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
29. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Win2000
Raise the DFL to Windows Server 2008 R2.
Upgrading DFS to Windows Server 2008 R2
Run net stop ntds
30. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Modify the schema of LDSInst1
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
The Group Policy Management Console
Then use Windows BitLocker Drive Encryption
31. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Dfsrdiag
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
32. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Win2000 Native
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
33. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Use the Local Roles options with dsmgmt.
Active Directory Users and Computers utility
34. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Passive file screens
Recommend Group Policy preferences
Then configure auto enrollment of certificates and Credential Roaming.
35. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Windows System Resource Manager (WSRM)
Distributed File System (DFS) Replication
Configure an audit policy by editing the default domain policy and configure Event Forwarding
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
36. To enable the AD Recycle Bin
Enable - ADoptionalFeature cmdlet
Basic Authentication and SSL
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Then use Windows Deployment Services (WDS) on DHCP1.
37. You need to relocate an AD LDS instance from C: Drive to D: Drive
Add-ADFineGrainedPasswordPolicySubject cmdlet
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
38. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Use the Local Roles options with dsmgmt.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Create a new Password Settings Object (PSO) for the IT users.
Domain based DFS namespace and configure a DFS replication group
39. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
dsa.msc - dsamain.exe - ntdsutil.exe
Create a Network Load Balancing cluster.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
40. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Install Windows Server Backup and modify the Windows firewall settings
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Administrative Role Separation
41. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Disable Site Link Bridging from the IP properties
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Basic Authentication and SSL
42. When service account passwords need to be changed for SQL they should be...
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Changed manually
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
43. To ensure that a file on a file server do not leave the organization you must implement this.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
AD RMS
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
44. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Windows BitLocker Drive Encryption (Bit Locker)
Basic Authentication and SSL
45. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
dsa.msc - dsamain.exe - ntdsutil.exe
Recommend Offline Files
46. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Implement Distributed File System Replication (DFSR) on both servers
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
47. The strongest form of NAP is
Certificate Templates
Microsoft Desktop Optimization Pack (MDOP) to your company
FFL Windows Server 2008 R2
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
48. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Recommend Active Directory delegation
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
49. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement a domain-based DFS namespace that uses replication
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Implement one LUN for the quorum and another LUN for the data
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
50. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Authorization Manager
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Windows Server 2003
