SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To backup to tape/robotic tape and to backup VMs you must use...
PDC emulator with w32tm.exe
Network Load Balancing (NLB) cluster
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Microsoft System Center Data Protection Manager 2010
2. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
dnscmd
Create and deploy a logon script that runs Auditpol.
IIS Manager user account
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
3. To allow a specifc user or group to manage the address information for the user accounts...
Authorization Manager role assignment
Recommend Active Directory delegation
Then use Windows Deployment Services (WDS) on DHCP1.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
4. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
802.1.x NAP
Install Hyper-V role and convert physical machines into virtual machines
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Add the user to the Domain Admins global group
5. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
6. If you need to ensure that data is protected by BitLocker then you will...
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
NOT be able to store that data on an iSCSI SAN
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Then use Windows Deployment Services (WDS) on DHCP1.
7. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then install new Server 2008 R2 Enterprise subordinate CA.
Enable Windows Remote Management (WinRM) on each server.
Microsoft Application Virtualization (AppV)
Then use Windows Deployment Services (WDS) on DHCP1.
8. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Windows Deployment Services (WDS)
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
9. You need to allow a user to add a single computer to a domain - without any additional rights...
Backup operator's domain local group
Dfsrdiag
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Prestage the computer account in AD
10. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Add-ADFineGrainedPasswordPolicySubject cmdlet
Install and share a printer on a server and then enable printer pooling.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Deploy a GPO for the Sales OU
11. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Then use Windows Deployment Services (WDS)
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Site
Software Restriction Polices
12. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
FILES option within Ntdsutil
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Implement Shadow Copies
Network Load Balancing (NLB)
13. When recommending a monitoring solution for an application so that it's events can be stored in a central
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Event Subscriptions
Implement File Server Resource Manager (FSRM) quotas on the desired servers
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
14. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
WDS
Configure Audit Special Logon and define Special Groups
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
15. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Microsoft Desktop Optimization Pack (MDOP) to your company
Then use Windows Deployment Services (WDS)
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
16. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Share and Storage Management
Repadmin
CAPublishGP group should have the Manage CA permission.
FFL Windows Server 2008 R2
17. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Recommend Active Directory delegation
Configure offline files and enable manual caching
Enable Credential Roaming
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
18. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Domain based Distributed File System (DFS) namespace and DFS Replication.
Configure RODC for Administrator Role Separation
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
19. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
dnscmd tool
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
From Server1 - run the Create Basic Task Wizard
20. To minimize the amount of storage required you should recommend
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Share and Storage Management
View properties of %systemroot%ntdsntds.dit
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
21. Auditing the deletion of Registry keys on all Domain Controllers
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Add the Windows Server Backup feature and Windows System Image recovery.
22. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Zone transfer settings
Distributed File System (DFS) Replication
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Domain based Distributed File System (DFS) namespace and DFS Replication.
23. What utility is used to see what accounts cached on RODC?
Active Directory Users and Computers
Install From Media IFM
Network Load Balancing (NLB)
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
24. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Enable Windows Remote Management (WinRM) on the servers.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Then install new Server 2008 R2 Enterprise subordinate CA.
25. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
An Active Directory subnet object needs to be created.
Windows Deployment Services (WDS)
Active Directory Users and Computers
Implement Network Access Protection (NAP)
26. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Create an Active Directory-Integrated zone.
Raise the DFL to Windows Server 2008 R2.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
27. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Then configure auto enrollment of certificates and Credential Roaming.
Repadmin
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Configure separate application pools for each application
28. Striped volumes
Increase the tombstone lifetime for the forest.
Improve the performance of File Servers
Role Separation
Ldp
29. If you need to minimize the bandwidth for installation
Attach VHD file created by Windows server backup
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Add the Windows Server Backup feature and Windows System Image recovery.
Utilize IFM (Install From Media)
30. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Increase the tombstone lifetime for the forest.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Then configure auto enrollment of certificates and Credential Roaming.
31. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
PDC emulator with w32tm.exe
Implement one LUN for the quorum and another LUN for the data
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
MEDV to deploy virtual desktops
32. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Use local roles options within "dsmgmt"
File Server Resource Manager (FSRM) quotas and file screens
Set-ADServiceAccount cmdlet
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
33. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
The Group Policy Management console
Configure block inheritance on the IT OU
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Recommend Active Directory delegation
34. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Creating a data collector set that kick off a scritp that either move or delete files.
Winrm quickconfig
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
35. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Network Load Balancing (NLB) cluster
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Dfsrdiag
Active Directory snapshots and Tombstone reanimation
36. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Modify the local policy to point to the Internal WSUS server
Site
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Enable Windows Remote Management (WinRM) on each server.
37. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Implement folder redirection by using GPO. Then backup the folder redirection target.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Add the new UPN suffix to the forest.
Add George to the Domain Admins group.
38. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Configure the zone as an Activde Directory-Integrated zone.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Install the RSAT tool on their workstation to provide for more efficient network management
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
39. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Configure authorization rules for Web developers on each web server
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
MEDV to deploy virtual desktops
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
40. To restore previous version of script without taking up too much of time...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Subnet object needs to be created
Deploy a GPO to the WebSrvOU
Attach VHD file created by Windows server backup
41. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Recommend Group Policy preferences
Dynamically expanding VHD's
Dsmgmt
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
42. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Then use Windows BitLocker Drive Encryption
Include a server that runs Microsoft Office SharePoint Server 2010
FILES option within Ntdsutil
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
43. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Configure caching on the shared folder (offline files)
Create a MEDV workspace
FILES option within Ntdsutil
net stop ntds
44. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Win2000
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Modify the schema of LDSInst1
45. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Configure offline files and enable manual caching
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Disable Site Link Bridging from IP Properties
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
46. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Add the user to the Domain Admins global group
Utilize IFM (Install From Media)
Win2000
47. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Create a standard secondary of domain and create standard secondary of other domain.
Add the new UPN Suffix to the forest
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Then use on install image file that contains a single install image.
48. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Microsoft Desktop Optimization Pack (MDOP) to your company
Create a MEDV workspace
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
49. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Then use on install image file that contains a single install image.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Dynamically expanding VHD's
50. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
WSUS server in the branch office in replica mode.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
