SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Tool to change Directory Services Restore Mode password on Domain Controller...
ntdsutil
Create a MEDV workspace
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Passive file screens
2. To add a new UPN for all user accounts...
Run the Delegation of Control Wizard on the Staff OU
Deploy a GPO for the Sales OU
AD Domains and Trusts
Incoming external trust
3. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Add the user to the Domain Admins global group
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement one LUN for the quorum and another LUN for the data
Implement Shadow Copies
4. To backup Virtual Machines
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
DFL needs to be Windows Server 2008
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
5. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Creating a data collector set that kick off a scritp that either move or delete files.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
dsa.msc - dsamain.exe - ntdsutil.exe
Increase the tombstone lifetime for the forest.
6. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Registry on users computer needs to be modified
Ntdsutil
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Configure caching on the shared folder and configure offline files to use encryption
7. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Configure an audit policy by editing the default domain policy and configure Event Forwarding
DSMOD - ADUC
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install From Media IFM
8. What shold be done to configure AD RMS so users can protect their data?
Add-ADFineGrainedPasswordPolicySubject cmdlet
Autonomous mode...This allows the local administrator to approve their own updates.
Deploy a failover cluster that uses Node and File Share Disk Majority
Create an e-mail account in AD DS for your RMS users
9. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Assign the application to all client computers by using a GPO.
Utilize IFM (Install From Media)
Ensure your account - or the group is a member of the local Administrators group for that specific server.
10. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Import-Module
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Jill came down with 2.50.
11. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Execute the Set-ADServiceAccount cmdlet
Active Directory snapshots and Tombstone reanimation
MEDV to deploy virtual desktops
12. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Disable Site Link Bridging from IP Properties
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Win2000 Native
Win2000
13. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Implement Distributed File System Replication (DFSR) on both servers
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Enable Windows Remote Management (WinRM) on each server.
14. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Win2000
Get-ADUser cmdlet
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
15. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Then install new Server 2008 R2 Enterprise subordinate CA.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
16. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
dsa.msc - dsamain.exe - ntdsutil.exe
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
17. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Install the RSAT tool on their workstation to provide for more efficient network management
Set-ADServiceAccount cmdlet
Add the new UPN Suffix to the forest
Offline domain join
18. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Create a Network Load Balancing cluster.
CAPublishGP group should have the Manage CA permission.
Install the RSAT tool on their workstation to provide for more efficient network management
19. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Multipath I/O feature
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
20. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
From Server1 - run the Create Basic Task Wizard
Authorization Manager role assignment
Enable Windows Remote Management (WinRM) on the servers.
Properties of PSO need modified
21. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Autonomous mode...This allows the local administrator to approve their own updates.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
22. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
Create and deploy a logon script that runs Auditpol.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Active Directory Users and Computers utility
23. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
FFL Windows Server 2008 R2
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Winrm quickconfig
24. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Then use Windows Deployment Services (WDS) on DHCP1.
Modify zone transfer settings for company.com zone on DCA
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Dynamically expanding VHD's
25. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Certificate Templates
26. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Deploy a GPO to the WebSrvOU
Implement Windows BitLocker Drive Encryption (BitLocker)
Purchase one additional Enterprise License
Use a GPO to configure device installation restrictions
27. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Changed manually
Install Hyper-V role and convert physical machines into virtual machines
Configure block inheritance on the IT OU
Recommend Group Policy preferences
28. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Microsoft SharePoint Foundation 2010
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
The Group Policy Management console
Add George to the Domain Admins group.
29. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Then use Windows Deployment Services (WDS)
Dsmgmt
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
30. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Microsoft SharePoint Foundation 2010
Event Log Subscriptions
31. What should be done to ensure changes made to AD objects can be logged?
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
32. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
A relying party trust should be created.
Recommend Group Policy preferences
Certificate Templates
33. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Enable Credential Roaming
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Configure caching on the shared folder and configure offline files to use encryption
Add the new UPN Suffix to the forest
34. What role to keep same time as an external server?
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Create a standard secondary of domain and create standard secondary of other domain.
Backup operator's domain local group
PDC emulator with w32tm.exe
35. Auditing the deletion of Registry keys on all Domain Controllers
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Configure offline files and enable manual caching
36. 4 steps to perform offline Defragmentation of AD database...
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Test-AppLockerPolicy
Add George to the Domain Admins group.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
37. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Install the RSAT tool on their workstation to provide for more efficient network management
Deploy a failover cluster that contains one node in each office.
Deploy it by using Group Policy Software Installation method
38. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Site
Event Log Subscriptions
Back up to an external USB drive by using Windows Server Backup
Win2000 Native
39. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Creating a data collector set that kick off a scritp that either move or delete files.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Implement Distributed File System Replication (DFSR) on both servers
40. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
41. 2 ways to relocate user and computer accounts to different OUs
IIS Chared Configuration
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
DSMOD - ADUC
Deploy the Root CA certificate to the external computers.
42. To identify users who bypass the new corporate security policy -
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure Audit Special Logon and define Special Groups
Include a server that runs Microsoft Office SharePoint Server 2010
Incoming external trust
43. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
DSMOD
Site
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
44. FFL is...
Win2000
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Passive file screens
45. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Authorization Manager role assignment
Active Directory Right Management Services (AD RMS)
Assign the application to all client computers by using a GPO.
Modify the GPO to include folder redirection
46. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
The Group Policy Management Console
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Implement GPO for all client computers
Dsmgmt
47. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
48. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Configure authorization rules for Web developers on each web server
MEDV to deploy virtual desktops
Implement Distributed File System Replication (DFSR) on both servers
49. What utility is used to see what accounts cached on RODC?
Enable Windows Remote Management (WinRM) on the servers.
Ldp
Active Directory Users and Computers
Increase the tombstone lifetime for the forest.
50. To delegate authority to users to manage only certain areas in Hyper-V use the
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Zone transfer settings
Authorization Manager role assignment
Implement the Windows Search Service.
