SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To be able to user an application from one AD FS with authentication server to another...
Recommend Offline Files
A relying party trust should be created.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Active Directory snapshots and Tombstone reanimation
2. What GPO setting should be configured to prevent all users from running an application?
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Configure caching on the shared folder and configure offline files to use encryption
Software Restriction Polices
MEDV to deploy virtual desktops
3. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Run the Delegation of Control Wizard on the Staff OU
MEDV to deploy virtual desktops
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
AD Rights Management Services
4. File that contains the last logon time and custom attributes values for each user in your forest.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
From Server A - run Create Basic Task Wizard
Get-ADUser cmdlet
5. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
6. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Purchase one additional Enterprise License
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Execute the Set-ADServiceAccount cmdlet
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
7. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
FFL Windows Server 2008 R2
Refresh the zone on DNS2
Your machine and remote desktops
8. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Recommend GPT and basic disks
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Recommend Group Policy preferences
9. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Authorization Manager role assignment
Ntfrsutil
AD Domains and Trusts
Winrm quickconfig
10. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Create an e-mail account in AD DS for your RMS users
Add the Windows Server Backup feature and Windows System Image recovery.
11. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Modify properties of RODC server computer account.
Modify the local policy to point to the Internal WSUS server
Increase the tombstone lifetime for the forest.
12. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Jill came down with 2.50.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Disable Site Link Bridging from IP Properties
Dfsrdiag
13. Need to access some resources in another domain that is part of another forest...What trust is created?
ntdsutil
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Incoming external trust
Domain based DFS namespace and configure a DFS replication group
14. To update ADRMS password...
AD Rights Management Services
Use the Local Roles options with dsmgmt.
An Active Directory subnet object needs to be created.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
15. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Active Directory Domains and Trusts
Domain based Distributed File System (DFS) will reduce network traffic
802.1.x NAP
Add George to the Domain Admins group.
16. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Execute the Set-ADServiceAccount cmdlet
Modify the schema of LDSInst1
Back up to an external USB drive by using Windows Server Backup
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
17. In order to ensure highly available Windows Update servers you should create this.
Ntdsutil
Create a MEDV workspace
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Upgrading DFS to Windows Server 2008 R2
18. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
fsconfig on FSSrv2
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Dynamically expanding VHD's
19. When one needs to audit files - folders - printers and the registry enable
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Then use Windows BitLocker Drive Encryption
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
MEDV to deploy virtual desktops
20. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Event Subscriptions
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Add the new UPN suffix to the forest.
21. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Recommend Active Directory delegation
Configure caching on the shared folder and configure offline files to use encryption
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Autonomous mode...This allows the local administrator to approve their own updates.
22. FFL is...
Then configure GlobalNames zones on each domain controller.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Repadmin
Win2000
23. To make deploying the custom Word dictionary easy
Recommend Group Policy preferences
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Raise the DFL to Windows Server 2008 R2.
Deploy it by using Group Policy Software Installation method
24. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Modify the GPO to include folder redirection
The Group Policy Management console
Set-ADServiceAccount cmdlet
DSMOD - ADUC
25. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Install and share a printer on a server and then enable printer pooling.
Recommend GPT and basic disks
Windows Server 2003
Implement Network Access Protection (NAP)
26. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Enable - ADoptionalFeature cmdlet
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Then use Windows Deployment Services (WDS)
27. To be able to manage all the corporate servers from a workstation - you must install the
Certificate Templates
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Create a standard secondary of domain and create standard secondary of other domain.
28. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
29. To prevent account password from being cached on RODC server...
Deploy it by using Group Policy Software Installation method
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Modify properties of RODC server computer account.
Upgrading DFS to Windows Server 2008 R2
30. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Deploy a failover cluster that uses Node and File Share Disk Majority
A relying party trust should be created.
Network Load Balancing (NLB)
31. To add a server with AD FS 2.0 role to an existing AD FS farm...
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Install From Media IFM
fsconfig on FSSrv2
Configure Firewall Group Policies and link them at the Domain level
32. To ensure that recovery is possible if a file on a file server is deleted accidentally
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Implement Shadow Copies
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
33. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Then use Windows Deployment Services (WDS) on DHCP1.
The Group Policy Management console
Microsoft Desktop Optimization Pack (MDOP) to your company
34. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Subnet object needs to be created
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
35. A specific application requires registry modifications to be in place before installing; you should use
Run adprep /forestprep and adprep /domainprep
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Windows Deployment Services (WDS)
Group Policy Preferences
36. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Disable Site Link Bridging from the IP properties
Network Load Balancing (NLB)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
37. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Add the user to the Domain Admins global group
Active Directory Right Management Services (AD RMS)
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
38. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
39. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Configure caching on the shared folder (offline files)
From Server A - run Create Basic Task Wizard
Create a Central Store
Windows XP Mode
40. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Implement GPO for all client computers
Implement the Windows Search Service.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
41. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Create a MEDV workspace
Dynamically expanding VHD's
Add George to the Domain Admins group.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
42. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Configure Firewall Group Policies and link them at the Domain level
Test-AppLockerPolicy
43. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
44. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Your machine and remote desktops
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
WSUS server in the branch office in replica mode.
Assign the application to all client computers by using a GPO.
45. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Basic Authentication and SSL
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Implement one LUN for the quorum and another LUN for the data
46. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Create an e-mail account in AD DS for your RMS users.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
WDS
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
47. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Create a Network Load Balancing cluster.
Deploy a GPO to the WebSrvOU
48. To restore previous version of script without taking up too much of time...
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Attach VHD file created by Windows server backup
Windows System Resource Manager (WSRM)
Recommend Group Policy preferences
49. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Include a server that runs Microsoft Office SharePoint Server 2010
IIS Chared Configuration
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
MEDV to deploy virtual desktops
50. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
