SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Include a server that runs Microsoft Office SharePoint Server 2010
Refresh the zone on DNS2
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
IIS Chared Configuration
2. To deploy templates across the organization
Microsoft Desktop Optimization Pack (MDOP) to your company
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Attach VHD file created by Windows server backup
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
3. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Modify the schema of LDSInst1
Enable Credential Roaming
Windows XP Mode
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
4. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Add George to the Domain Admins group.
Purchase one additional Enterprise License
5. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Creating a data collector set that kick off a scritp that either move or delete files.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Modify the schema of LDSInst1
6. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Modify properties of RODC server computer account.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Install From Media IFM
7. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
DSMOD
Domain based DFS namespace and configure a DFS replication group
Autonomous mode...This allows the local administrator to approve their own updates.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
8. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Domain based DFS namespace and configure a DFS replication group
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Modify the schema of LDSInst1
9. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Active Directory Domains and Trusts
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
10. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Storage manager for SANs
Incoming external trust
11. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
ntdsutil
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
12. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Configure separate application pools for each application
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Configure authorization rules for Web developers on each web server
IIS Chared Configuration
13. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Multipath I/O feature
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Authorization Manager
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
14. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Ldp
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Domain based DFS namespace and configure a DFS replication group
15. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Create an e-mail account in AD DS for your RMS users.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
16. If you need to delegate control of server to remote admins group
Zone transfer settings
Enable - ADoptionalFeature cmdlet
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Configure RODC for Administrator Role Separation
17. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
AD Rights Management Services
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Modify the schema of LDSInst1
18. An AD LDS instance needs to be replicated from one server to another...
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Service user account for AD LDS
802.1.x NAP
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
19. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Disable Site Link Bridging from the IP properties
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Modify the schema of LDSInst1
Incoming external trust
20. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Configure the zone as an Activde Directory-Integrated zone.
Recommend GPT and basic disks
Autonomous mode...This allows the local administrator to approve their own updates.
21. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install Windows Server Backup and modify the Windows firewall settings
Incoming external trust
Enable Credential Roaming
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
22. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
NOT be able to store that data on an iSCSI SAN
Refresh the zone on DNS2
Test-AppLockerPolicy
23. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Then use on install image file that contains a single install image.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Modify the local policy to point to the Internal WSUS server
24. To ensure that a file on a file server do not leave the organization you must implement this.
dnscmd
Create a new Password Settings Object (PSO) for the IT users.
Windows System Resource Manager (WSRM)
AD RMS
25. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Create and deploy a logon script that runs Auditpol.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Run adprep /forestprep and adprep /domainprep
Domain based DFS namespace and configure a DFS replication group
26. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Changed manually
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
27. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Assign the application to computers in the PC OU
WSUS server in the branch office in replica mode.
Ntfrsutil
Raise the DFL to Windows Server 2008 R2.
28. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Refresh the zone on DNS2
Zone transfer settings
Test-AppLockerPolicy
29. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Modify the GPO to include folder redirection
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Administrators is the minimum group membership required to complete this procedure.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
30. A specific application requires registry modifications to be in place before installing; you should use
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Group Policy Preferences
Raise the DFL to Windows Server 2008 R2.
31. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Distributed File System (DFS) Replication
Raise the DFL to Windows Server 2008 R2.
32. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
dnscmd
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Use Netsh tool from administrator's computer.
33. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Implement Windows System Resource Manager (WSRM) and configure user policies
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
34. to protect file servers and hard disks that may be at risk of being accessed or stolen
Create a Network Load Balancing cluster.
Add the new UPN Suffix to the forest
Implement Windows BitLocker Drive Encryption (BitLocker)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
35. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Offline domain join
Properties of PSO need modified
PowerShell 2.0
36. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
37. To modify several user accounts to a new UPN suffix
Event Viewer
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Active Directory Users and Computers utility
Prestage the computer account in AD
38. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
dnscmd
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
DSMOD - ADUC
39. To create AD Domain Services snapshot
Network Load Balancing (NLB)
Configure event log subscriptions
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Ntdsutil
40. To join a server/PC outside of the domain to the network...
AD Rights Management Services
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Windows Deployment Services (WDS)
Implement a Remote Desktop Connection Broker (RD Connection Broker)
41. You need to ensure that the guest account on all servers is disabled to
Then configure GlobalNames zones on each domain controller.
Set-ADServiceAccount cmdlet
Discover the run Microsoft Baseline Security Analyzer (MBSA)
New ACCOUNT STORE should be added and configured
42. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Deploy a GPO for the Sales OU
fsconfig on FSSrv2
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
43. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Group Policy Preferences
Share and Storage Management
Windows Deployment Services (WDS)
Certificate Templates
44. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Raise the DFL to Windows Server 2008 R2.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Implement Distributed File System Replication (DFSR) on both servers
45. To be able to user an application from one AD FS with authentication server to another...
A relying party trust should be created.
Configure Audit Special Logon and define Special Groups
Use the Local Roles options with dsmgmt.
Storage manager for SANs
46. DFL is...
net stop ntds
Win2000 Native
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
New ACCOUNT STORE should be added and configured
47. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Win2000
Deploy a GPO for the Sales OU
Windows BitLocker Drive Encryption (Bit Locker)
Deploy the Root CA certificate to the external computers.
48. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Add George to the Domain Admins group.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
49. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Network Load Balancing (NLB) cluster
ntdsutil
50. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Incoming external trust
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Increase the tombstone lifetime for the forest.
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests