SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
2. What shold be done to configure AD RMS so users can protect their data?
Create an e-mail account in AD DS for your RMS users
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Deploy a GPO for the Sales OU
Back up to an external USB drive by using Windows Server Backup
3. To delegate authority to users to manage only certain areas in Hyper-V use the
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Windows XP Mode
Configure caching on the shared folder (offline files)
Authorization Manager role assignment
4. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Windows Server 2003
Refresh the zone on DNS2
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
5. You need to relocate an AD LDS instance from C: Drive to D: Drive
Active Directory snapshots and Tombstone reanimation
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
The Group Policy Management Console
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
6. If you need to allow an external partner's computer to access internal network resources by using SSTP
Configure block inheritance on the IT OU
Deploy the Root CA certificate to the external computers.
Implement a GPO for each domain
Modify the GPO to include folder redirection
7. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Software Restriction Polices
Configure the zone as an Activde Directory-Integrated zone.
8. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
A Distributed File System (DFS) namespace
Back up to an external USB drive by using Windows Server Backup
9. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Microsoft Desktop Optimization Pack (MDOP)
Jill came down with 2.50.
10. New password settings object (PSO) created and needs to be applied to user
Modify properties of RODC server computer account.
Modify the GPO to include folder redirection
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Properties of PSO need modified
11. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Basic Authentication and SSL
NOT be able to store that data on an iSCSI SAN
12. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
WSUS server in the branch office in replica mode.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Printer driver isolation
13. To modify several user accounts to a new UPN suffix
Active Directory snapshots and Tombstone reanimation
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Active Directory Users and Computers utility
Software Restriction Polices
14. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Microsoft Desktop Optimization Pack (MDOP) to your company
Then use on install image file that contains a single install image.
DSMOD - ADUC
Administrators is the minimum group membership required to complete this procedure.
15. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Ntfrsutil
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Add George to the Domain Admins group.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
16. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Install and share a printer on a server and then enable printer pooling.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
17. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
DISABLE slow link detection in the GPO
18. To join a server/PC outside of the domain to the network...
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Increase the tombstone lifetime for the forest.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
19. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Modify properties of RODC server computer account.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
DSMOD - ADUC
Configure the zone as an Activde Directory-Integrated zone.
20. To add a new UPN for all user accounts...
AD Domains and Trusts
FFL Windows Server 2008 R2
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Changed manually
21. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Utilize IFM (Install From Media)
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Modify the schema of LDSInst1
22. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
AD Domains and Trusts
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Microsoft Desktop Optimization Pack (MDOP) to your company
23. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
24. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Administrative Role Separation
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Add the Windows Server Backup feature and Windows System Image recovery.
25. In order to manage websites without having to logon you can use
File Server Resource Manager (FSRM) quotas and file screens
Add the user to the Domain Admins global group
PowerShell 2.0
Group Policy Preferences
26. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Administrators is the minimum group membership required to complete this procedure.
Registry on users computer needs to be modified
Then use Windows Deployment Services (WDS)
27. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Implement Network Access Protection (NAP) that uses 802.1x enforcement
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Windows Deployment Services (WDS)
28. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Configure offline files and enable manual caching
ntdsutil
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
29. GPO setting to prevent all users from running an application
Backup operator's domain local group
Ntfrsutil
Software Restriction Polices
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
30. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Multipath I/O feature
Modify zone transfer settings for company.com zone on DCA
New ACCOUNT STORE should be added and configured
Creating a data collector set that kick off a scritp that either move or delete files.
31. What should be done first to defragment the AD database?
Run net stop ntds
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
ntdsutil
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
32. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Storage manager for SANs
Implement GPO for all client computers
Site
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
33. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Deploy a failover cluster that uses Node and File Share Disk Majority
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
34. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
dnscmd
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
The Group Policy Management Console
Use local roles options within "dsmgmt"
35. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Software Restriction Polices
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Implement a domain-based DFS namespace that uses replication
36. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Modify the GPO to include folder redirection
Create a Central Store
Deploy a failover cluster that uses Node and File Share Disk Majority
37. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Then configure GlobalNames zones on each domain controller.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Ldp
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
38. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Dfsrdiag
The Group Policy Management console
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
39. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Manager user account
FILES option within Ntdsutil
Event Log Subscriptions
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
40. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
From Server A - run Create Basic Task Wizard
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
41. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Configure the zone as an Activde Directory-Integrated zone.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Modify the local policy to point to the Internal WSUS server
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
42. Jack and Jill go up the hill - both with a buck and a quarter
Jill came down with 2.50.
Import-Module
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
43. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
The Group Policy Management Console
Microsoft System Center Data Protection Manager 2010
Incoming external trust
44. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Deploy a failover cluster that contains one node in each office.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
45. You need to recommend a BitLocker recovery method you should recommend this.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Data Recovery Agent
Registry on users computer needs to be modified
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
46. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
DSMOD
Network Load Balancing (NLB) cluster
A relying party trust should be created.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
47. 4 steps to perform offline Defragmentation of AD database...
Active Directory Users and Computers utility
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Import-Module
48. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Network Load Balancing (NLB)
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Active Directory Users and Computers
Run auditpol and then configure the Security settings of the Domain Controllers OU.
49. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Run net stop ntds
The Group Policy Management console
50. Need to access some resources in another domain that is part of another forest...What trust is created?
Certificate Templates
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Run the Delegation of Control Wizard on the Staff OU
Incoming external trust
