Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Configure Firewall Group Policies and link them at the Domain level
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Then install new Server 2008 R2 Enterprise subordinate CA.
Install Windows Server Backup and modify the Windows firewall settings

2. to increase the reliability of the print server - configure...
Install and share a printer on a server and then enable printer pooling.
Microsoft Application Virtualization (AppV)
Basic Authentication and SSL
Printer driver isolation

3. If you need to minimize the bandwidth for installation
Site
Then configure auto enrollment of certificates and Credential Roaming.
Utilize IFM (Install From Media)
dnscmd

4. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Autonomous mode...This allows the local administrator to approve their own updates.
Utilize IFM (Install From Media)
dnscmd
Include a server that runs Microsoft Office SharePoint Server 2010

5. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Create a Network Load Balancing cluster.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

6. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Improve the performance of File Servers
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Modify zone transfer settings for company.com zone on DCA

7. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Then use Windows Deployment Services (WDS) on DHCP1.
Event Subscriptions
Jill came down with 2.50.

8. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Domain based DFS namespace and configure a DFS replication group
Dsmgmt
Add George to the Domain Admins group.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

9. To ensure that a file on a file server do not leave the organization you must implement this.
Incoming external trust
AD RMS
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Ntdsutil

10. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
802.1.x NAP
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.

11. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Configure event log subscriptions
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Import-Module
Deploy a failover cluster that uses Node and File Share Disk Majority

12. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Autonomous mode...This allows the local administrator to approve their own updates.

13. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Microsoft SharePoint Foundation 2010
Improve the performance of File Servers
Install Windows Server Backup and modify the Windows firewall settings
Incoming external trust

14. What role to keep same time as an external server?
Enable - ADoptionalFeature cmdlet
PDC emulator with w32tm.exe
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

15. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
net stop ntds
Recommend Offline Files
Create a Central Store
Deploy the Root CA certificate to the external computers.

16. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Increase the tombstone lifetime for the forest.
PowerShell 2.0
dsa.msc - dsamain.exe - ntdsutil.exe

17. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Add the user to the Domain Admins global group
Configure separate application pools for each application
PowerShell 2.0
Storage manager for SANs

18. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure Audit Special Logon and define Special Groups
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
A Distributed File System (DFS) namespace

19. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Ntdsutil
Then use Windows Deployment Services (WDS)
Modify the local policy to point to the Internal WSUS server

20. Ensure password length for a group set to 12 characters long while others keep password policy
Microsoft Application Virtualization (AppV)
Add-ADFineGrainedPasswordPolicySubject cmdlet
The Group Policy Management console
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

21. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
AD Domains and Trusts
Create a standard secondary of domain and create standard secondary of other domain.
Multipath I/O feature
Passive file screens

22. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
DSMOD - ADUC
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Domain based Distributed File System (DFS) namespace and DFS Replication.
Raise the DFL to Windows Server 2008 R2.

23. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Microsoft Desktop Optimization Pack (MDOP) to your company
Back up to an external USB drive by using Windows Server Backup
Configure Audit Special Logon and define Special Groups
Install Microsoft Secure Socket Tunneling Protocol (SSTP)

24. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Create an e-mail account in AD DS for your RMS users.
Microsoft Application Virtualization (AppV)
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Then install new Server 2008 R2 Enterprise subordinate CA.

25. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Implement Windows BitLocker Drive Encryption (BitLocker)
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
PDC emulator with w32tm.exe

26. Enables you to receive emails when domain users locked out of accounts...
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Event Viewer
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.

27. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
Share and Storage Management
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Dfsrdiag
A Distributed File System (DFS) namespace

28. File that contains the last logon time and custom attributes values for each user in your forest.
Deploy the Root CA certificate to the external computers.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Get-ADUser cmdlet
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)

29. Need to ensure users receive updated template within five days...
Software Restriction Polices
Microsoft Application Virtualization (AppV)
Registry on users computer needs to be modified
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

30. If you want to allow single-label name resolution
Then configure GlobalNames zones on each domain controller.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

31. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Configure block inheritance on the IT OU
Microsoft SharePoint Foundation 2010
Deploy a failover cluster that uses Node and File Share Disk Majority
Dynamically expanding VHD's

32. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Set-ADServiceAccount cmdlet
Create a Network Load Balancing cluster.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

33. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Configure block inheritance on the IT OU
Assign the application to all client computers by using a GPO.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)

34. Tool to change Directory Services Restore Mode password on Domain Controller...
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
ntdsutil
802.1.x NAP
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)

35. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Create a Network Load Balancing cluster.
Ntdsutil
Additional DFS Targets

36. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Modify zone transfer settings for company.com zone on DCA
Implement folder redirection by using GPO. Then backup the folder redirection target.
Dsmgmt

37. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
PDC emulator with w32tm.exe
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

38. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Group Policy Preferences
Dsmgmt
Install the RSAT tool on their workstation to provide for more efficient network management
Windows Deployment Services (WDS)

39. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Dsmgmt
Add George to the Domain Admins group.
Create and deploy a logon script that runs Auditpol.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

40. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Passive file screens
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Use local roles options within "dsmgmt"
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).

41. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Windows System Resource Manager (WSRM)
ntdsutil
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Offline domain join

42. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Install and share a printer on a server and then enable printer pooling.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

43. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Increase the tombstone lifetime for the forest.

44. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
net stop ntds
Configure folder redirection

45. To determine size of AD database file...
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
View properties of %systemroot%ntdsntds.dit
Event Viewer
Run the Delegation of Control Wizard on the Staff OU

46. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
WSUS server in the branch office in replica mode.

47. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Storage manager for SANs
Run auditpol and then configure the Security settings of the Domain Controllers OU.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

48. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Modify the local policy to point to the Internal WSUS server
Autonomous mode...This allows the local administrator to approve their own updates.
dnscmd
Ntfrsutil

49. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Administrative Role Separation
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Back up to an external USB drive by using Windows Server Backup
Incoming external trust

50. If you need to be able to create shared folders on Server 2008 R2
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Ensure your account - or the group is a member of the local Administrators group for that specific server.