Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To defragment and AD database...
Ntdsutil
Then install new Server 2008 R2 Enterprise subordinate CA.
Configure Audit Special Logon and define Special Groups
net stop ntds

2. To create and additional AD LDS applicaiton directory partition in existing instance...
AD RMS
Create a Central Store
Data Recovery Agent
Ldp

3. To deploy templates across the organization
Microsoft SharePoint Foundation 2010
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
AD Rights Management Services
Implement a GPO for each domain

4. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Deploy a GPO to the WebSrvOU
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Then install new Server 2008 R2 Enterprise subordinate CA.

5. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement folder redirection by using GPO. Then backup the folder redirection target.
Backup operator's domain local group
Implement Windows System Resource Manager (WSRM)
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

6. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Deploy a GPO for the Sales OU
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Share and Storage Management
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

7. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.

8. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Upgrading DFS to Windows Server 2008 R2
MEDV to deploy virtual desktops
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

9. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Then use on install image file that contains a single install image.
FFL Windows Server 2008 R2
DISABLE slow link detection in the GPO

10. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then use Windows Deployment Services (WDS) on DHCP1.
PDC emulator with w32tm.exe
Creating a data collector set that kick off a scritp that either move or delete files.
Increase the tombstone lifetime for the forest.

11. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Implement Distributed File System Replication (DFSR) on both servers
Then use Windows BitLocker Drive Encryption
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.

12. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Windows Server 2003
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Enable Credential Roaming
Administrators is the minimum group membership required to complete this procedure.

13. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Execute the Set-ADServiceAccount cmdlet
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Configure Firewall Group Policies and link them at the Domain level
Certificate Templates

14. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
From Server A - run Create Basic Task Wizard
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

15. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Attach VHD file created by Windows server backup
Then use on install image file that contains a single install image.
Jill came down with 2.50.

16. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Ntfrsutil
Modify the GPO to include folder redirection
Create ADMX and ADML files. Configure the GPO and link it to the domain.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

17. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Implement Windows BitLocker Drive Encryption (BitLocker)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
FFL Windows Server 2008 R2

18. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Upgrading DFS to Windows Server 2008 R2
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Configure folder redirection

19. To make deploying the custom Word dictionary easy
Recommend Group Policy preferences
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Microsoft Desktop Optimization Pack (MDOP)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

20. When deploying an application using the Group Policy distribution method assign the...
Add the new UPN suffix to the forest.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Then configure auto enrollment of certificates and Credential Roaming.

21. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Raise the DFL to Windows Server 2008 R2.

22. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Assign the application to computers in the PC OU
Administrative Role Separation
DSMOD - ADUC
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

23. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

24. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
WSUS server in the branch office in replica mode.
Upgrading DFS to Windows Server 2008 R2

25. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Implement one LUN for the quorum and another LUN for the data
Dfsrdiag
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Create an Active Directory-Integrated zone.

26. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Modify zone transfer settings for company.com zone on DCA
Microsoft System Center Data Protection Manager
Deploy the Root CA certificate to the external computers.

27. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Configure folder redirection
Dsmgmt
Then configure auto enrollment of certificates and Credential Roaming.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU

28. If you need to delegate control of server to remote admins group
net stop ntds
Deploy it by using Group Policy Software Installation method
Configure RODC for Administrator Role Separation
Then use Windows Deployment Services (WDS)

29. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Manager user account
Ntfrsutil
NOT be able to store that data on an iSCSI SAN
Implement Windows System Resource Manager (WSRM)

30. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Utilize IFM (Install From Media)
Create an e-mail account in AD DS for your RMS users.
Role Separation
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.

31. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

32. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Test-AppLockerPolicy
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Disable Site Link Bridging from the IP properties
Administrators is the minimum group membership required to complete this procedure.

33. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
Configure offline files and enable manual caching
Attach VHD file created by Windows server backup
Data Recovery Agent

34. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

35. to protect file servers and hard disks that may be at risk of being accessed or stolen
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Configure Audit Special Logon and define Special Groups
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement Windows BitLocker Drive Encryption (BitLocker)

36. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Run the Delegation of Control Wizard on the Staff OU
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.

37. Capture all replication errors from all your DCs to a central location...
Configure event log subscriptions
Subnet object needs to be created
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Set-ADServiceAccount cmdlet

38. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
AD Rights Management Services
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Ntdsutil

39. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Configure block inheritance on the IT OU
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

40. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Add the new UPN suffix to the forest.
Modify properties of RODC server computer account.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
DSMOD - ADUC

41. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Certificate Templates
Configure caching on the shared folder and configure offline files to use encryption
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

42. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Win2000 Native
Assign the application to all client computers by using a GPO.
Active Directory Users and Computers utility
Storage manager for SANs

43. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Microsoft System Center Data Protection Manager 2010
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Add George to the Domain Admins group.
Winrm quickconfig

44. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Purchase one additional Enterprise License
Set-ADServiceAccount cmdlet
Win2000 Native
Implement folder redirection by using GPO. Then backup the folder redirection target.

45. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Dfsrdiag
From Server A - run Create Basic Task Wizard
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Properties of PSO need modified

46. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
From Server A - run Create Basic Task Wizard
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Then use Windows Deployment Services (WDS)

47. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

48. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Install Hyper-V role and convert physical machines into virtual machines
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

49. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Windows Deployment Services (WDS)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
The Group Policy Management console

50. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Share and Storage Management
Windows Server 2003
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.