SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If users complain that it is hard to find the shared folders on the network implement
Implement Network Access Protection (NAP)
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Additional DFS Targets
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
2. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Create a new Password Settings Object (PSO) for the IT users.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
3. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Deploy it by using Group Policy Software Installation method
Create a standard secondary of domain and create standard secondary of other domain.
AD Rights Management Services
4. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
DSMOD - ADUC
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Your machine and remote desktops
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
5. To create and additional AD LDS applicaiton directory partition in existing instance...
Modify the GPO to include folder redirection
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Ldp
6. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Add the new UPN Suffix to the forest
Add the new UPN suffix to the forest.
Microsoft SharePoint Foundation 2010
7. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Implement one LUN for the quorum and another LUN for the data
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Install Hyper-V role and convert physical machines into virtual machines
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
8. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Offline domain join
Jill came down with 2.50.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
9. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Service user account for AD LDS
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Install From Media IFM
10. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Then install new Server 2008 R2 Enterprise subordinate CA.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Modify properties of RODC server computer account.
Then use on install image file that contains a single install image.
11. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Run adprep /forestprep and adprep /domainprep
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
12. To backup to tape/robotic tape and to backup VMs you must use...
Microsoft System Center Data Protection Manager 2010
Your machine and remote desktops
Perform an authoritative restore
Deploy the Root CA certificate to the external computers.
13. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Windows Server 2003
Configure authorization rules for Web developers on each web server
Site
Perform an authoritative restore
14. To create AD Domain Services snapshot
Ntdsutil
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploy a failover cluster that contains one node in each office.
Perform an authoritative restore
15. If you want to implement BitLocker and store recovery informaiton in a central location
CAPublishGP group should have the Manage CA permission.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
NOT be able to store that data on an iSCSI SAN
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
16. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Deploy a GPO for the Sales OU
Add the Windows Server Backup feature and Windows System Image recovery.
Use local roles options within "dsmgmt"
Get-ADUser cmdlet
17. When service account passwords need to be changed for SQL they should be...
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Changed manually
Multipath I/O feature
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
18. What should be done first to defragment the AD database?
Run net stop ntds
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Recommend Offline Files
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
19. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Microsoft Desktop Optimization Pack (MDOP) to your company
Implement Windows System Resource Manager (WSRM) and configure user policies
20. To add a server with AD FS 2.0 role to an existing AD FS farm...
Configure block inheritance on the IT OU
Implement Windows System Resource Manager (WSRM)
fsconfig on FSSrv2
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
21. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run adprep /forestprep and adprep /domainprep
Deploy Microsoft System Center Operations Manager (SCOM)
Deploy a GPO for the Sales OU
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
22. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Basic Authentication and SSL
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Assign the application to computers in the PC OU
Modify the local policy to point to the Internal WSUS server
23. You need to ensure that the guest account on all servers is disabled to
Add the Windows Server Backup feature and Windows System Image recovery.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
24. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Multipath I/O feature
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Create a standard secondary of domain and create standard secondary of other domain.
25. Striped volumes
DFL needs to be Windows Server 2008
Improve the performance of File Servers
Incoming external trust
Domain based Distributed File System (DFS) namespace and DFS Replication.
26. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
27. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Implement GPO for all client computers
Incoming external trust
Event Log Subscriptions
DSMOD
28. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Administrative Role Separation
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Install the RSAT tool on their workstation to provide for more efficient network management
29. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Attach VHD file created by Windows server backup
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
ntdsutil
30. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Active Directory Users and Computers
Modify the local policy to point to the Internal WSUS server
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Subnet object needs to be created
31. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Zone transfer settings
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Subnet object needs to be created
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
32. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
AD Domains and Trusts
Add-ADFineGrainedPasswordPolicySubject cmdlet
Use local roles options within "dsmgmt"
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
33. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
WDS
Install From Media IFM
Passive file screens
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
34. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Storage manager for SANs
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Modify the schema of LDSInst1
35. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Assign the application to computers in the PC OU
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Network Load Balancing (NLB) cluster
36. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Implement Windows System Resource Manager (WSRM) and configure user policies
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Group Policy Preferences
37. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Enable Windows Remote Management (WinRM) on the servers.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Then configure GlobalNames zones on each domain controller.
Event Log Subscriptions
38. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Back up to an external USB drive by using Windows Server Backup
WDS
Refresh the zone on DNS2
39. You need to design your WSUS infrastructure so that updates are highly available. To do so
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
40. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Repadmin
Administrators is the minimum group membership required to complete this procedure.
IIS Manager user account
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
41. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The Group Policy Management console
Assign the application to all client computers by using a GPO.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Deploy Microsoft System Center Operations Manager (SCOM)
42. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Deploy a failover cluster that contains one node in each office.
Enable - ADoptionalFeature cmdlet
Recommend Offline Files
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
43. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Add George to the Domain Admins group.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Install the RSAT tool on their workstation to provide for more efficient network management
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
44. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Configure event log subscriptions
Recommend GPT and basic disks
Configure block inheritance on the IT OU
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
45. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Configure separate application pools for each application
Implement the Windows Search Service.
Event Log Subscriptions
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
46. If you want to allow single-label name resolution
Authorization Manager role assignment
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Then configure GlobalNames zones on each domain controller.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
47. To update ADRMS password...
Import-Module
Then configure auto enrollment of certificates and Credential Roaming.
DSMOD - ADUC
AD Rights Management Services
48. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Autonomous mode...This allows the local administrator to approve their own updates.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Active Directory snapshots and Tombstone reanimation
Deploy a failover cluster that uses Node and File Share Disk Majority
49. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Backup operator's domain local group
Create an e-mail account in AD DS for your RMS users.
Upgrading DFS to Windows Server 2008 R2
Run adprep /forestprep and adprep /domainprep
50. To make deploying the custom Word dictionary easy
Recommend Offline Files
Implement Distributed File System Replication (DFSR) on both servers
Recommend Group Policy preferences
Authorization Manager
