SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Assign the application to computers in the PC OU
Network Load Balancing (NLB)
Use Netsh tool from administrator's computer.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
2. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
fsconfig on FSSrv2
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
3. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Dsmgmt
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Implement Shadow Copies
Windows System Resource Manager (WSRM)
4. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Configure authorization rules for Web developers on each web server
Attach VHD file created by Windows server backup
Implement Shadow Copies
Then use on install image file that contains a single install image.
5. When service account passwords need to be changed for SQL they should be...
AD Rights Management Services
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Changed manually
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
6. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Authorization Manager
Add George to the Domain Admins group.
7. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
net stop ntds
Network Load Balancing (NLB) cluster
Deploy a failover cluster that uses Node and File Share Disk Majority
Enable Windows Remote Management (WinRM) on the servers.
8. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Run the Delegation of Control Wizard on the Staff OU
DFL needs to be Windows Server 2008
Configure Firewall Group Policies and link them at the Domain level
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
9. New password settings object (PSO) created and needs to be applied to user
Properties of PSO need modified
Active Directory Domains and Trusts
From Server A - run Create Basic Task Wizard
Implement Distributed File System Replication (DFSR) on both servers
10. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
11. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
12. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Registry on users computer needs to be modified
Passive file screens
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
13. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
Microsoft Application Virtualization (AppV)
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Ldp
14. You need to design your WSUS infrastructure so that updates are highly available. To do so
Perform an authoritative restore
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Active Directory Users and Computers
15. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Implement the Windows Search Service.
Domain based DFS namespace and configure a DFS replication group
Ntdsutil
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
16. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Winrm quickconfig
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Creating a data collector set that kick off a scritp that either move or delete files.
17. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Windows System Resource Manager (WSRM)
18. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Deploy the Root CA certificate to the external computers.
Active Directory snapshots and Tombstone reanimation
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
IIS Chared Configuration
19. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Recommend Offline Files
Incoming external trust
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
20. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
21. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Enable Windows Remote Management (WinRM) on each server.
Win2000
DFL needs to be Windows Server 2008
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
22. To modify several user accounts to a new UPN suffix
Active Directory Users and Computers utility
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Create an Active Directory-Integrated zone.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
23. If you need to minimize the bandwidth for installation
Windows System Resource Manager (WSRM)
Utilize IFM (Install From Media)
Test-AppLockerPolicy
Administrative Role Separation
24. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Windows BitLocker Drive Encryption (Bit Locker)
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Ldp
25. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Offline domain join
Domain based Distributed File System (DFS) namespace and DFS Replication.
Windows BitLocker Drive Encryption (Bit Locker)
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
26. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Network Load Balancing (NLB) cluster
Then use Windows BitLocker Drive Encryption
Configure folder redirection
27. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Then use Windows Deployment Services (WDS)
Microsoft System Center Data Protection Manager 2010
28. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
AD Rights Management Services
Software Restriction Polices
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Create and deploy a logon script that runs Auditpol.
29. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Refresh the zone on DNS2
Add-ADFineGrainedPasswordPolicySubject cmdlet
Install Windows Server Backup and modify the Windows firewall settings
Assign the application to all client computers by using a GPO.
30. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Administrative Role Separation
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Create a MEDV workspace
31. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Back up to an external USB drive by using Windows Server Backup
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Win2000 Native
Implement the Windows Search Service.
32. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Group Policy Preferences
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
33. To build a highly secure server cluster with a reduced attack surface area
Share and Storage Management
Dsmgmt
Jill came down with 2.50.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
34. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Import-Module
Event Log Subscriptions
Create an Active Directory-Integrated zone.
Install the RSAT tool on their workstation to provide for more efficient network management
35. To join a server/PC outside of the domain to the network...
Set-ADServiceAccount cmdlet
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Create and deploy a logon script that runs Auditpol.
36. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Creating a data collector set that kick off a scritp that either move or delete files.
Multipath I/O feature
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
37. When deploying an application using the Group Policy distribution method assign the...
Then install new Server 2008 R2 Enterprise subordinate CA.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Printer driver isolation
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
38. The strongest form of NAP is
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Test-AppLockerPolicy
Then use Windows Deployment Services (WDS) on DHCP1.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
39. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Use a GPO to configure device installation restrictions
Group Policy Preferences
40. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Create a MEDV workspace
Software Restriction Polices
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
41. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Implement Windows System Resource Manager (WSRM)
Implement folder redirection by using GPO. Then backup the folder redirection target.
42. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Ntdsutil
Network Load Balancing (NLB) cluster
Active Directory Right Management Services (AD RMS)
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
43. You need to relocate an AD LDS instance from C: Drive to D: Drive
Dsmgmt
Backup operator's domain local group
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Modify the GPO to include folder redirection
44. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Implement a domain-based DFS namespace that uses replication
Storage manager for SANs
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
45. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Create a MEDV workspace
Implement Shadow Copies
46. What GPO setting should be configured to prevent all users from running an application?
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Add the user to the Domain Admins global group
Software Restriction Polices
Additional DFS Targets
47. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Create and deploy a logon script that runs Auditpol.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Deploy a GPO to the WebSrvOU
Implement one LUN for the quorum and another LUN for the data
48. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
Passive file screens
Authorization Manager role assignment
Configure offline files and enable manual caching
49. Can be used to install the Windows RE on existing servers
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
WDS
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
50. You need a solution that meets policy while minimizing hardware and software costs
Active Directory Domains and Trusts
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Create a new Password Settings Object (PSO) for the IT users.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.