SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To ensure that recovery is possible if a file on a file server is deleted accidentally
Raise the DFL to Windows Server 2008 R2.
Implement Shadow Copies
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
2. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install and share a printer on a server and then enable printer pooling.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Certificate Templates
Active Directory Users and Computers utility
3. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Software Restriction Polices
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
4. If you need to minimize the bandwidth for installation
Ntdsutil
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
IIS Chared Configuration
Utilize IFM (Install From Media)
5. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Active Directory Users and Computers
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Implement a GPO for each domain
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
6. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
From Server A - run Create Basic Task Wizard
Implement Windows BitLocker Drive Encryption (BitLocker)
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
7. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Microsoft Application Virtualization (AppV)
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
8. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Domain based DFS namespace and configure a DFS replication group
9. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Use local roles options within "dsmgmt"
Then install new Server 2008 R2 Enterprise subordinate CA.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Install Hyper-V role and convert physical machines into virtual machines
10. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Enable Windows Remote Management (WinRM) on each server.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Enable Credential Roaming
11. Tools to view contents of an OU in an AD snapshot...
Install Hyper-V role and convert physical machines into virtual machines
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
dsa.msc - dsamain.exe - ntdsutil.exe
DSMOD
12. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Configure block inheritance on the IT OU
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Configure folder redirection
13. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Create a new Password Settings Object (PSO) for the IT users.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
14. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
DSMOD - ADUC
Windows Server 2003
Windows XP Mode
15. Need to access some resources in another domain that is part of another forest...What trust is created?
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Disable Site Link Bridging from IP Properties
Incoming external trust
Deploy a GPO to the WebSrvOU
16. To back up your Hyper-VMs and the Hyper-V host; for each VM -
DSMOD
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
17. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Multipath I/O feature
Create a new Password Settings Object (PSO) for the IT users.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
18. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Prestage the computer account in AD
Perform an authoritative restore
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
19. To create and additional AD LDS applicaiton directory partition in existing instance...
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Perform an authoritative restore
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Ldp
20. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Configure caching on the shared folder and configure offline files to use encryption
Windows Server 2003
djoin /requesteodj from internal server - djoin /provision from outside server/PC
21. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Implement Shadow Copies
dnscmd tool
Group Policy Preferences
Implement Network Access Protection (NAP)
22. FFL is...
Include a server that runs Microsoft Office SharePoint Server 2010
Win2000
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
23. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Data Recovery Agent
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Ntdsutil
24. If you need to be able to create shared folders on Server 2008 R2
Add-ADFineGrainedPasswordPolicySubject cmdlet
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Microsoft System Center Data Protection Manager 2010
25. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Active Directory Domains and Trusts
Install and share a printer on a server and then enable printer pooling.
Additional DFS Targets
26. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Implement Windows System Resource Manager (WSRM)
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Microsoft System Center Data Protection Manager 2010
27. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
A Distributed File System (DFS) namespace
Administrative Role Separation
Win2000
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
28. to increase the reliability of the print server - configure...
Printer driver isolation
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
29. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Configure the zone as an Activde Directory-Integrated zone.
Implement a domain-based DFS namespace that uses replication
From Server A - run Create Basic Task Wizard
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
30. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Storage manager for SANs
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Install Hyper-V role and convert physical machines into virtual machines
31. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Changed manually
Zone transfer settings
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
32. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement Windows System Resource Manager (WSRM)
Create a standard secondary of domain and create standard secondary of other domain.
Microsoft System Center Data Protection Manager 2010
Test-AppLockerPolicy
33. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Group Policy Preferences
34. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
File Server Resource Manager (FSRM) quotas and file screens
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Domain based Distributed File System (DFS) will reduce network traffic
Storage manager for SANs
36. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
From Server1 - run the Create Basic Task Wizard
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Implement Windows System Resource Manager (WSRM) and configure user policies
37. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
PowerShell 2.0
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Purchase one additional Enterprise License
38. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Then configure GlobalNames zones on each domain controller.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Add-ADFineGrainedPasswordPolicySubject cmdlet
Microsoft System Center Data Protection Manager 2010
39. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Implement Network Access Protection (NAP)
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Passive file screens
Install From Media IFM
40. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
FFL Windows Server 2008 R2
Role Separation
Changed manually
Configure block inheritance on the IT OU
41. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Event Subscriptions
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Network Load Balancing (NLB)
AD RMS
42. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Configure RODC for Administrator Role Separation
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Storage manager for SANs
43. A specific application requires registry modifications to be in place before installing; you should use
Group Policy Preferences
File Server Resource Manager (FSRM) quotas and file screens
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
dnscmd tool
44. You need to ensure that the guest account on all servers is disabled to
Discover the run Microsoft Baseline Security Analyzer (MBSA)
fsconfig on FSSrv2
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Incoming external trust
45. to protect file servers and hard disks that may be at risk of being accessed or stolen
Windows XP Mode
Install Windows Server Backup and modify the Windows firewall settings
Zone transfer settings
Implement Windows BitLocker Drive Encryption (BitLocker)
46. To enable the AD Recycle Bin
Add the new UPN Suffix to the forest
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Implement Windows System Resource Manager (WSRM) and configure user policies
Enable - ADoptionalFeature cmdlet
47. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Create a Central Store
View properties of %systemroot%ntdsntds.dit
Jill came down with 2.50.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
48. To delegate authority to users to manage only certain areas in Hyper-V use the
Microsoft Desktop Optimization Pack (MDOP) to your company
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Authorization Manager role assignment
Dsmgmt
49. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
Deploy a failover cluster that uses Node and File Share Disk Majority
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
50. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Recommend Active Directory delegation
Enable Windows Remote Management (WinRM) on the servers.
Configure Firewall Group Policies and link them at the Domain level
Active Directory snapshots and Tombstone reanimation
