SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Storage manager for SANs
Use a GPO to configure device installation restrictions
Deploy a GPO for the Sales OU
Create an e-mail account in AD DS for your RMS users.
2. FFL is...
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Win2000
Creating a data collector set that kick off a scritp that either move or delete files.
3. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Network Access Protection (NAP)
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Storage manager for SANs
4. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Distributed File System (DFS) Replication
Windows XP Mode
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Dsmgmt
5. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Create a new Password Settings Object (PSO) for the IT users.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
6. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Add the Windows Server Backup feature and Windows System Image recovery.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Use a GPO to configure device installation restrictions
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
7. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Passive file screens
Microsoft Application Virtualization (AppV)
View properties of %systemroot%ntdsntds.dit
8. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Dynamically expanding VHD's
Active Directory snapshots and Tombstone reanimation
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
9. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
10. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
IIS Manager user account
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
11. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Configure authorization rules for Web developers on each web server
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Implement Shadow Copies
12. to increase the reliability of the print server - configure...
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Printer driver isolation
Create an e-mail account in AD DS for your RMS users
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
13. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Add George to the Domain Admins group.
Changed manually
Administrative Role Separation
14. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
15. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Add George to the Domain Admins group.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Authorization Manager
16. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Group Policy Preferences
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Use local roles options within "dsmgmt"
17. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Create an e-mail account in AD DS for your RMS users.
Implement a GPO for each domain
Microsoft Desktop Optimization Pack (MDOP)
18. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Service user account for AD LDS
Restore-ADObject cmdlet
Create and deploy a logon script that runs Auditpol.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
19. To deploy templates across the organization
Add-ADFineGrainedPasswordPolicySubject cmdlet
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
20. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Registry on users computer needs to be modified
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Get-ADUser cmdlet
21. Jack and Jill go up the hill - both with a buck and a quarter
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Changed manually
Create a new Password Settings Object (PSO) for the IT users.
Jill came down with 2.50.
22. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Modify zone transfer settings for company.com zone on DCA
Registry on users computer needs to be modified
Data Recovery Agent
23. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Active Directory Domains and Trusts
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Repadmin
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
24. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Domain based Distributed File System (DFS) will reduce network traffic
Changed manually
Windows Deployment Services (WDS)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
25. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
Run net stop ntds
Data Recovery Agent
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
26. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Implement Shadow Copies
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
27. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Execute the Set-ADServiceAccount cmdlet
Configure Firewall Group Policies and link them at the Domain level
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
28. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Incoming external trust
DFL needs to be Windows Server 2008
Refresh the zone on DNS2
Deploy Microsoft System Center Operations Manager (SCOM)
29. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Ldp
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Configure the zone as an Activde Directory-Integrated zone.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
30. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Offline domain join
Windows Deployment Services (WDS)
31. When deploying an application using the Group Policy distribution method assign the...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Incoming external trust
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Dsmgmt
32. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Network Load Balancing (NLB) cluster
Dfsrdiag
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
33. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Raise the DFL to Windows Server 2008 R2.
Changed manually
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
34. To backup GPO's in domain and minimize bakcup...
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Registry on users computer needs to be modified
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
The Group Policy Management Console
35. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
A Distributed File System (DFS) namespace
CAPublishGP group should have the Manage CA permission.
36. 4 steps to perform authoritative restore of a deleted OU...
Basic Authentication and SSL
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
37. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
A Distributed File System (DFS) namespace
PDC emulator with w32tm.exe
Execute the Set-ADServiceAccount cmdlet
38. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Install Hyper-V role and convert physical machines into virtual machines
IIS Manager user account
Set-ADServiceAccount cmdlet
39. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Creating a data collector set that kick off a scritp that either move or delete files.
40. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
From Server A - run Create Basic Task Wizard
41. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Assign the application to all client computers by using a GPO.
The Group Policy Management Console
Subnet object needs to be created
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
42. DFL is...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Win2000 Native
Install Windows Server Backup and modify the Windows firewall settings
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
43. to protect file servers and hard disks that may be at risk of being accessed or stolen
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Implement Windows BitLocker Drive Encryption (BitLocker)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install the RSAT tool on their workstation to provide for more efficient network management
44. When service account passwords need to be changed for SQL they should be...
Changed manually
Implement a domain-based DFS namespace that uses replication
Enable - ADoptionalFeature cmdlet
Microsoft System Center Data Protection Manager
45. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Configure caching on the shared folder and configure offline files to use encryption
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Enable - ADoptionalFeature cmdlet
46. You need to allow a user to add a single computer to a domain - without any additional rights...
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
PDC emulator with w32tm.exe
Prestage the computer account in AD
Encrypting File System (EFS). This can be enabled locally or through a GPO.
47. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
NOT be able to store that data on an iSCSI SAN
Install Windows Server Backup and modify the Windows firewall settings
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
48. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Restore-ADObject cmdlet
Increase the tombstone lifetime for the forest.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
49. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Install Windows Server Backup and modify the Windows firewall settings
Administrators is the minimum group membership required to complete this procedure.
Execute the Set-ADServiceAccount cmdlet
Active Directory Users and Computers
50. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
Configure the zone as an Activde Directory-Integrated zone.
Run the Delegation of Control Wizard on the Staff OU
Microsoft SharePoint Foundation 2010