SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Ntdsutil
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Ldp
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
2. You need to deploy a sales application that only the sales users must have access to
Basic Authentication and SSL
Deploy a GPO for the Sales OU
Use CISCO IP Helper command to configure.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
3. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Network Load Balancing (NLB) cluster
Run adprep /forestprep and adprep /domainprep
Active Directory Users and Computers
4. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
NOT be able to store that data on an iSCSI SAN
Microsoft Desktop Optimization Pack (MDOP)
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
5. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
6. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Modify the local policy to point to the Internal WSUS server
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Basic Authentication and SSL
7. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Share and Storage Management
Deploy a failover cluster that uses Node and File Share Disk Majority
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
8. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Add the new UPN suffix to the forest.
Group Policy Preferences
Add the new UPN Suffix to the forest
9. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Group Policy Preferences
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
10. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
dsa.msc - dsamain.exe - ntdsutil.exe
Microsoft SharePoint Foundation 2010
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
11. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Run the Delegation of Control Wizard on the Staff OU
Domain based Distributed File System (DFS) namespace and DFS Replication.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
12. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Group Policy Preferences
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Windows Server 2003
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
13. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
A Distributed File System (DFS) namespace
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Then configure auto enrollment of certificates and Credential Roaming.
14. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Subnet object needs to be created
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Storage manager for SANs
15. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Implement Windows System Resource Manager (WSRM)
Add George to the Domain Admins group.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Create and deploy a logon script that runs Auditpol.
16. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
17. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Multipath I/O feature
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
18. UPN Suffix xxxx.com needs to be available for user accounts...
Add the new UPN Suffix to the forest
Include a server that runs Microsoft Office SharePoint Server 2010
Dfsrdiag
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
19. To add a server with AD FS 2.0 role to an existing AD FS farm...
fsconfig on FSSrv2
Deploy it by using Group Policy Software Installation method
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
20. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Use a GPO to configure device installation restrictions
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Back up to an external USB drive by using Windows Server Backup
21. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Attach VHD file created by Windows server backup
Event Subscriptions
Deploy a failover cluster that uses Node and File Share Disk Majority
22. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Deploy a failover cluster that contains one node in each office.
Implement Windows System Resource Manager (WSRM) and configure user policies
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Implement a GPO for each domain
23. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Software Restriction Polices
Dynamically expanding VHD's
Assign the application to computers in the PC OU
24. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Enable Windows Remote Management (WinRM) on each server.
Software Restriction Polices
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
25. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Restore-ADObject cmdlet
Disable Site Link Bridging from IP Properties
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Add the new UPN suffix to the forest.
26. to protect file servers and hard disks that may be at risk of being accessed or stolen
Then configure GlobalNames zones on each domain controller.
Properties of PSO need modified
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Implement Windows BitLocker Drive Encryption (BitLocker)
27. To allow a user to administer Active Directory
Configure Audit Special Logon and define Special Groups
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Add the user to the Domain Admins global group
Implement Windows BitLocker Drive Encryption (BitLocker)
28. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Then configure GlobalNames zones on each domain controller.
Dsmgmt
Winrm quickconfig
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
29. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Modify properties of RODC server computer account.
Event Viewer
Run the Delegation of Control Wizard on the Staff OU
30. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Implement Distributed File System Replication (DFSR) on both servers
Configure authorization rules for Web developers on each web server
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Set-ADServiceAccount cmdlet
31. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
AD Rights Management Services
Back up to an external USB drive by using Windows Server Backup
Offline domain join
Additional DFS Targets
32. Capture all replication errors from all your DCs to a central location...
Subnet object needs to be created
Dynamically expanding VHD's
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure event log subscriptions
33. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
35. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Configure caching on the shared folder (offline files)
Purchase one additional Enterprise License
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Folder redirection. Folder redirection is also useful when using roamin profiles.
36. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
fsconfig on FSSrv2
Incoming external trust
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
37. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Get-ADUser cmdlet
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
38. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Create a MEDV workspace
39. Tools to view contents of an OU in an AD snapshot...
Active Directory Right Management Services (AD RMS)
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
dsa.msc - dsamain.exe - ntdsutil.exe
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
40. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Configure separate application pools for each application
Implement folder redirection by using GPO. Then backup the folder redirection target.
An Active Directory subnet object needs to be created.
41. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Create a Central Store
Implement folder redirection by using GPO. Then backup the folder redirection target.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Then use on install image file that contains a single install image.
42. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Then use Windows Deployment Services (WDS) on DHCP1.
IIS Chared Configuration
Your machine and remote desktops
The Group Policy Management console
43. To restore deleted user account from AD Recycle Bin...
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Deploy a failover cluster that uses Node and File Share Disk Majority
Restore-ADObject cmdlet
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
44. If you need to ensure that data is protected by BitLocker then you will...
dnscmd
NOT be able to store that data on an iSCSI SAN
Microsoft System Center Data Protection Manager 2010
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
45. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Test-AppLockerPolicy
DSMOD - ADUC
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install Windows Server Backup and modify the Windows firewall settings
46. To backup to tape/robotic tape and to backup VMs you must use...
Configure block inheritance on the IT OU
Attach VHD file created by Windows server backup
Microsoft System Center Data Protection Manager 2010
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
47. To protect all computers on the network from unwanted access and to ensure a consistent configuration
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Configure Firewall Group Policies and link them at the Domain level
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure caching on the shared folder (offline files)
48. Jack and Jill go up the hill - both with a buck and a quarter
A relying party trust should be created.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Include a server that runs Microsoft Office SharePoint Server 2010
Jill came down with 2.50.
49. FFL is...
Storage manager for SANs
fsconfig on FSSrv2
Microsoft SharePoint Foundation 2010
Win2000
50. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Recommend GPT and basic disks
Site
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests