SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Windows Server 2003
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
2. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Disable Site Link Bridging from the IP properties
Install and share a printer on a server and then enable printer pooling.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Win2000
3. To backup Virtual Machines
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
4. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Network Load Balancing (NLB)
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Add the new UPN suffix to the forest.
Implement Network Access Protection (NAP)
5. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Dsmgmt
Winrm quickconfig
ntdsutil
6. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
AD Rights Management Services
Configure caching on the shared folder (offline files)
DISABLE slow link detection in the GPO
WSUS server in the branch office in replica mode.
7. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Then configure GlobalNames zones on each domain controller.
Microsoft System Center Data Protection Manager 2010
Assign the application to computers in the PC OU
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
8. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Site
Active Directory Domains and Trusts
Install From Media IFM
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
9. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Assign the application to computers in the PC OU
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Execute the Set-ADServiceAccount cmdlet
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
10. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Domain based DFS namespace and configure a DFS replication group
11. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Improve the performance of File Servers
Configure block inheritance on the IT OU
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Administrators is the minimum group membership required to complete this procedure.
12. If you want to implement BitLocker and store recovery informaiton in a central location
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Prestage the computer account in AD
Then use on install image file that contains a single install image.
13. If you need to delegate control of server to remote admins group
Configure RODC for Administrator Role Separation
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Configure Audit Special Logon and define Special Groups
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
14. To defragment and AD database...
Improve the performance of File Servers
Service user account for AD LDS
net stop ntds
Install Windows Server Backup and modify the Windows firewall settings
15. If users complain that it is hard to find the shared folders on the network implement
Purchase one additional Enterprise License
Additional DFS Targets
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Autonomous mode...This allows the local administrator to approve their own updates.
16. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Windows XP Mode
Event Log Subscriptions
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Add George to the Domain Admins group.
17. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Configure block inheritance on the IT OU
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
18. To be able to user an application from one AD FS with authentication server to another...
Modify properties of RODC server computer account.
A relying party trust should be created.
AD Rights Management Services
Create ADMX and ADML files. Configure the GPO and link it to the domain.
19. New password settings object (PSO) created and needs to be applied to user
Properties of PSO need modified
Create a new Password Settings Object (PSO) for the IT users.
Incoming external trust
Basic Authentication and SSL
20. To restore previous version of script without taking up too much of time...
Add the user to the Domain Admins global group
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Attach VHD file created by Windows server backup
Active Directory snapshots and Tombstone reanimation
21. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Recommend Group Policy preferences
Windows System Resource Manager (WSRM)
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
22. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
23. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Use the Local Roles options with dsmgmt.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Prestage the computer account in AD
Subnet object needs to be created
24. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Purchase one additional Enterprise License
Storage manager for SANs
25. If you need to encrypt all data on all disks
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Then use Windows BitLocker Drive Encryption
Domain based Distributed File System (DFS) namespace and DFS Replication.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
26. In order to manage websites without having to logon you can use
PowerShell 2.0
dsa.msc - dsamain.exe - ntdsutil.exe
Subnet object needs to be created
AD Domains and Trusts
27. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Include a server that runs Microsoft Office SharePoint Server 2010
AD RMS
28. To delegate authority to users to manage only certain areas in Hyper-V use the
Win2000 Native
Authorization Manager role assignment
Network Load Balancing (NLB) cluster
Implement a domain-based DFS namespace that uses replication
29. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Deploy it by using Group Policy Software Installation method
Create a Network Load Balancing cluster.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
30. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Ldp
Active Directory Domains and Trusts
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
31. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Configure caching on the shared folder and configure offline files to use encryption
32. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Microsoft Desktop Optimization Pack (MDOP)
Create a Network Load Balancing cluster.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Increase the tombstone lifetime for the forest.
33. If you want to allow single-label name resolution
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Then configure GlobalNames zones on each domain controller.
net stop ntds
34. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
A Distributed File System (DFS) namespace
Properties of PSO need modified
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Site
35. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Microsoft Desktop Optimization Pack (MDOP) to your company
Disable Site Link Bridging from the IP properties
Utilize IFM (Install From Media)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
36. To ensure that a file on a file server do not leave the organization you must implement this.
From Server A - run Create Basic Task Wizard
AD RMS
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Ntfrsutil
37. If a file server reaches 15% free disk space - you could free up some disk space by
Creating a data collector set that kick off a scritp that either move or delete files.
Configure RODC for Administrator Role Separation
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Create a standard secondary of domain and create standard secondary of other domain.
38. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Event Subscriptions
PDC emulator with w32tm.exe
Configure folder redirection
Modify the local policy to point to the Internal WSUS server
39. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Properties of PSO need modified
Encrypting File System (EFS). This can be enabled locally or through a GPO.
40. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Multipath I/O feature
Network Load Balancing (NLB) cluster
Use the Local Roles options with dsmgmt.
41. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Ntfrsutil
Recommend GPT and basic disks
Domain based Distributed File System (DFS) namespace and DFS Replication.
Dsmgmt
42. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Recommend Active Directory delegation
Modify zone transfer settings for company.com zone on DCA
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
43. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Configure the zone as an Activde Directory-Integrated zone.
Then configure GlobalNames zones on each domain controller.
Folder redirection. Folder redirection is also useful when using roamin profiles.
WSUS server in the branch office in replica mode.
44. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Enable Windows Remote Management (WinRM) on the servers.
Include a server that runs Microsoft Office SharePoint Server 2010
Raise the DFL to Windows Server 2008 R2.
45. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Domain based Distributed File System (DFS) will reduce network traffic
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Enable Credential Roaming
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
46. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Subnet object needs to be created
Create a new Password Settings Object (PSO) for the IT users.
A Distributed File System (DFS) namespace
47. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Add George to the Domain Admins group.
The Group Policy Management Console
48. To compact AD database...
Purchase one additional Enterprise License
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
FILES option within Ntdsutil
Install and share a printer on a server and then enable printer pooling.
49. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Deploy a failover cluster that uses Node and File Share Disk Majority
Dfsrdiag
50. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Dsmgmt
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array