SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
2. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Deploy it by using Group Policy Software Installation method
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Network Load Balancing (NLB)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
3. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Configure the zone as an Activde Directory-Integrated zone.
Distributed File System (DFS) Replication
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
4. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
DFL needs to be Windows Server 2008
IIS Manager user account
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Run adprep /forestprep and adprep /domainprep
5. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Utilize IFM (Install From Media)
From Server A - run Create Basic Task Wizard
Dfsrdiag
6. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
WDS
Attach VHD file created by Windows server backup
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement a GPO for each domain
7. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
The Group Policy Management console
Attach VHD file created by Windows server backup
Set-ADServiceAccount cmdlet
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
8. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Install Hyper-V role and convert physical machines into virtual machines
Windows Server 2003
Disable Site Link Bridging from the IP properties
Authorization Manager
9. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Jill came down with 2.50.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
10. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Group Policy Preferences
Implement Windows BitLocker Drive Encryption (BitLocker)
11. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure separate application pools for each application
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
12. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Configure event log subscriptions
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
13. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Refresh the zone on DNS2
Implement Network Access Protection (NAP)
fsconfig on FSSrv2
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
14. When deploying an application using the Group Policy distribution method assign the...
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Implement Windows System Resource Manager (WSRM)
15. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Active Directory Users and Computers utility
Implement folder redirection by using GPO. Then backup the folder redirection target.
Refresh the zone on DNS2
16. Need to access some resources in another domain that is part of another forest...What trust is created?
Microsoft SharePoint Foundation 2010
Incoming external trust
Certificate Templates
Windows BitLocker Drive Encryption (Bit Locker)
17. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Then configure auto enrollment of certificates and Credential Roaming.
Event Log Subscriptions
Microsoft Desktop Optimization Pack (MDOP)
18. Tool to change Directory Services Restore Mode password on Domain Controller...
Set-ADServiceAccount cmdlet
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
ntdsutil
19. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Configure event log subscriptions
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Encrypting File System (EFS). This can be enabled locally or through a GPO.
20. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Offline domain join
Implement a GPO for each domain
Implement Windows BitLocker Drive Encryption (BitLocker)
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
21. What role to keep same time as an external server?
Create a Network Load Balancing cluster.
Import-Module
Back up to an external USB drive by using Windows Server Backup
PDC emulator with w32tm.exe
22. To restore previous version of script without taking up too much of time...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Attach VHD file created by Windows server backup
Back up to an external USB drive by using Windows Server Backup
Active Directory Domains and Trusts
23. When service account passwords need to be changed for SQL they should be...
net stop ntds
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Changed manually
24. You need to recommend a BitLocker recovery method you should recommend this.
Enable Windows Remote Management (WinRM) on each server.
Data Recovery Agent
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
25. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Domain based DFS namespace and configure a DFS replication group
WSUS server in the branch office in replica mode.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
PowerShell 2.0
26. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
From Server1 - run the Create Basic Task Wizard
FILES option within Ntdsutil
27. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
28. Enables you to receive emails when domain users locked out of accounts...
Role Separation
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Event Viewer
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
29. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Network Load Balancing (NLB) cluster
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Create and deploy a logon script that runs Auditpol.
30. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Add the user to the Domain Admins global group
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
31. For the users that work remotely that need access to files from the corporate office you should...
Dsmgmt
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Incoming external trust
Recommend Offline Files
32. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Network Load Balancing (NLB) cluster
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Active Directory Domains and Trusts
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
33. To create AD Domain Services snapshot
Ntdsutil
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Active Directory Domains and Trusts
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
34. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Dfsrdiag
WDS
35. PowerShell script to create user accounts with passwords from a file called password.csv
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Active Directory Users and Computers
36. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Offline domain join
Deploy a failover cluster that uses Node and File Share Disk Majority
Configure authorization rules for Web developers on each web server
Use CISCO IP Helper command to configure.
37. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Run adprep /forestprep and adprep /domainprep
IIS Chared Configuration
Incoming external trust
38. What should be done first to defragment the AD database?
Then configure auto enrollment of certificates and Credential Roaming.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Run net stop ntds
Install Windows Server Backup and modify the Windows firewall settings
39. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Include a server that runs Microsoft Office SharePoint Server 2010
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
40. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Test-AppLockerPolicy
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Recommend Group Policy preferences
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
41. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Use local roles options within "dsmgmt"
DISABLE slow link detection in the GPO
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
42. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Implement one LUN for the quorum and another LUN for the data
43. 4 steps to perform offline Defragmentation of AD database...
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Configure authorization rules for Web developers on each web server
Deploy a failover cluster that contains one node in each office.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
44. FFL is...
Software Restriction Polices
Microsoft Desktop Optimization Pack (MDOP)
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Win2000
45. You need to ensure that the guest account on all servers is disabled to
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Implement Network Access Protection (NAP)
Discover the run Microsoft Baseline Security Analyzer (MBSA)
DSMOD - ADUC
46. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
47. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Authorization Manager
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
The Group Policy Management Console
48. To prevent account password from being cached on RODC server...
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Then use Windows Deployment Services (WDS)
Modify properties of RODC server computer account.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
49. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Use local roles options within "dsmgmt"
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
The Group Policy Management console
Win2000 Native
50. to prevent VMs from receiving updats from a group policy
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Install From Media IFM
