SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Use local roles options within "dsmgmt"
Microsoft System Center Data Protection Manager
Perform an authoritative restore
2. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure authorization rules for Web developers on each web server
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
An Active Directory subnet object needs to be created.
3. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Certificate Templates
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
4. You need to deploy a sales application that only the sales users must have access to
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Deploy a GPO for the Sales OU
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Service user account for AD LDS
5. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Implement one LUN for the quorum and another LUN for the data
Deploy a GPO for the Sales OU
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Service user account for AD LDS
6. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Run the Delegation of Control Wizard on the Staff OU
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Event Subscriptions
7. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Test-AppLockerPolicy
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Deploy a GPO to the WebSrvOU
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
8. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Active Directory Users and Computers
DFL needs to be Windows Server 2008
Perform an authoritative restore
Create a Network Load Balancing cluster.
9. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Attach VHD file created by Windows server backup
Implement the Windows Search Service.
10. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Administrators is the minimum group membership required to complete this procedure.
802.1.x NAP
Use CISCO IP Helper command to configure.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
11. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Deploy it by using Group Policy Software Installation method
Install Windows Server Backup and modify the Windows firewall settings
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
12. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Get-ADUser cmdlet
Create a Central Store
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Event Log Subscriptions
13. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Software Restriction Polices
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Role Separation
Configure an audit policy by editing the default domain policy and configure Event Forwarding
14. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Use the Local Roles options with dsmgmt.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
15. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Folder redirection. Folder redirection is also useful when using roamin profiles.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Install the RSAT tool on their workstation to provide for more efficient network management
Add the Windows Server Backup feature and Windows System Image recovery.
16. An AD LDS instance needs to be replicated from one server to another...
Disable Site Link Bridging from the IP properties
Then configure GlobalNames zones on each domain controller.
Service user account for AD LDS
Implement GPO for all client computers
17. To compact AD database...
Configure folder redirection
Active Directory Users and Computers
FILES option within Ntdsutil
Configure block inheritance on the IT OU
18. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
PDC emulator with w32tm.exe
Back up to an external USB drive by using Windows Server Backup
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Configure event log subscriptions
19. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Modify properties of RODC server computer account.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
20. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Implement Windows System Resource Manager (WSRM) and configure user policies
Service user account for AD LDS
21. To restore deleted user account from AD Recycle Bin...
Disable Site Link Bridging from IP Properties
Restore-ADObject cmdlet
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
22. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Subnet object needs to be created
Enable Windows Remote Management (WinRM) on the servers.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Event Subscriptions
23. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
From Server1 - run the Create Basic Task Wizard
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
24. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Test-AppLockerPolicy
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Then use Windows BitLocker Drive Encryption
Configure offline files and enable manual caching
25. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Recommend Offline Files
Windows Deployment Services (WDS)
26. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Recommend GPT and basic disks
MEDV to deploy virtual desktops
Assign the application to all client computers by using a GPO.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
27. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Passive file screens
ntdsutil
Dfsrdiag
DSMOD
28. For the users that work remotely that need access to files from the corporate office you should...
Implement Windows System Resource Manager (WSRM)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Disable Site Link Bridging from IP Properties
Recommend Offline Files
29. To recover objects deleted from Active Directory you should recommend
WSUS server in the branch office in replica mode.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Active Directory snapshots and Tombstone reanimation
30. To prevent account password from being cached on RODC server...
Basic Authentication and SSL
Modify the schema of LDSInst1
Modify properties of RODC server computer account.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
31. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Raise the DFL to Windows Server 2008 R2.
Dfsrdiag
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Create an e-mail account in AD DS for your RMS users
32. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Dfsrdiag
Modify the schema of LDSInst1
Configure RODC for Administrator Role Separation
33. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Deploy a GPO for the Sales OU
Administrators is the minimum group membership required to complete this procedure.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
34. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Use the Local Roles options with dsmgmt.
Import-Module
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
35. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Win2000 Native
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Certificate Templates
36. To backup GPO's in domain and minimize bakcup...
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Your machine and remote desktops
Active Directory snapshots and Tombstone reanimation
The Group Policy Management Console
37. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Zone transfer settings
Changed manually
38. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Purchase one additional Enterprise License
Configure caching on the shared folder and configure offline files to use encryption
Install the RSAT tool on their workstation to provide for more efficient network management
Increase the tombstone lifetime for the forest.
39. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
40. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
net stop ntds
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Ntfrsutil
41. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Create a standard secondary of domain and create standard secondary of other domain.
Attach VHD file created by Windows server backup
Disable Site Link Bridging from the IP properties
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
42. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Basic Authentication and SSL
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
43. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
AD Rights Management Services
Refresh the zone on DNS2
Win2000 Native
New ACCOUNT STORE should be added and configured
44. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
New ACCOUNT STORE should be added and configured
DFL needs to be Windows Server 2008
Microsoft Application Virtualization (AppV)
Disable Site Link Bridging from IP Properties
45. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Enable Windows Remote Management (WinRM) on each server.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Create and deploy a logon script that runs Auditpol.
46. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Active Directory Right Management Services (AD RMS)
Test-AppLockerPolicy
Group Policy Preferences
47. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Implement Windows System Resource Manager (WSRM)
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Group Policy Preferences
48. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Implement Windows BitLocker Drive Encryption (BitLocker)
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
The Group Policy Management console
Zone transfer settings
49. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Windows Server 2003
The Group Policy Management Console
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
50. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
DSMOD - ADUC
IIS Chared Configuration
Software Restriction Polices
Offline domain join
