Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To create and additional AD LDS applicaiton directory partition in existing instance...
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Ldp
PowerShell 2.0
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).

2. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Set-ADServiceAccount cmdlet
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Enable Credential Roaming

3. If you want to allow single-label name resolution
The Group Policy Management Console
Create a Central Store
Then configure GlobalNames zones on each domain controller.
Incoming external trust

4. UPN Suffix xxxx.com needs to be available for user accounts...
Configure event log subscriptions
Add the new UPN Suffix to the forest
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).

5. Ensure password length for a group set to 12 characters long while others keep password policy
Recommend GPT and basic disks
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Install Hyper-V role and convert physical machines into virtual machines
Add-ADFineGrainedPasswordPolicySubject cmdlet

6. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Active Directory Domains and Trusts
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Add the Windows Server Backup feature and Windows System Image recovery.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

7. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Repadmin
Modify zone transfer settings for company.com zone on DCA
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster

8. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Upgrading DFS to Windows Server 2008 R2
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Configure authorization rules for Web developers on each web server
Registry on users computer needs to be modified

9. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Ntfrsutil
Zone transfer settings
Microsoft SharePoint Foundation 2010
Add George to the Domain Admins group.

10. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Ntfrsutil
Ntdsutil
Modify properties of RODC server computer account.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

11. To identify users who bypass the new corporate security policy -
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Configure Audit Special Logon and define Special Groups
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

12. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Raise the DFL to Windows Server 2008 R2.
Run the Delegation of Control Wizard on the Staff OU
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Add the new UPN Suffix to the forest

13. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office

14. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
View properties of %systemroot%ntdsntds.dit
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Install From Media IFM
Reinstall AD DS on DCC.company.com as a WRITABLE DC.

15. New password settings object (PSO) created and needs to be applied to user
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Properties of PSO need modified
Autonomous mode...This allows the local administrator to approve their own updates.
Upgrading DFS to Windows Server 2008 R2

16. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Install Hyper-V role and convert physical machines into virtual machines
Configure the zone as an Activde Directory-Integrated zone.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Ldp

17. 4 steps to perform authoritative restore of a deleted OU...
FILES option within Ntdsutil
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Utilize IFM (Install From Media)
Microsoft SharePoint Foundation 2010

18. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

19. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
dsa.msc - dsamain.exe - ntdsutil.exe
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.

20. To backup to tape/robotic tape and to backup VMs you must use...
Authorization Manager
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Microsoft System Center Data Protection Manager 2010
Registry on users computer needs to be modified

21. What role to keep same time as an external server?
Recommend Active Directory delegation
PDC emulator with w32tm.exe
Authorization Manager role assignment
net stop ntds

22. To allow a specifc user or group to manage the address information for the user accounts...
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
DFL needs to be Windows Server 2008
Subnet object needs to be created
Recommend Active Directory delegation

23. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

24. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Use a GPO to configure device installation restrictions
dnscmd tool
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent

25. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
A relying party trust should be created.
Add-ADFineGrainedPasswordPolicySubject cmdlet

26. If you need to encrypt all data on all disks
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Microsoft System Center Data Protection Manager 2010
Then use Windows BitLocker Drive Encryption
Multipath I/O feature

27. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

28. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Windows BitLocker Drive Encryption (Bit Locker)
Test-AppLockerPolicy
Add George to the Domain Admins group.
Microsoft System Center Data Protection Manager

29. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Test-AppLockerPolicy
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
A Distributed File System (DFS) namespace
Enable Windows Remote Management (WinRM) on each server.

30. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

31. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Software Restriction Polices
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

32. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Winrm quickconfig
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.

33. To make deploying the custom Word dictionary easy
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Active Directory snapshots and Tombstone reanimation
Recommend Group Policy preferences
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

34. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Deploy the Root CA certificate to the external computers.
Assign the application to computers in the PC OU
Site

35. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Changed manually
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur

36. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
MEDV to deploy virtual desktops
Configure separate application pools for each application
Implement Windows System Resource Manager (WSRM) and configure user policies

37. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Administrative Role Separation
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
CAPublishGP group should have the Manage CA permission.
Software Restriction Polices

38. What should be done to ensure changes made to AD objects can be logged?
Windows BitLocker Drive Encryption (Bit Locker)
Domain based DFS namespace and configure a DFS replication group
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU

39. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Implement a GPO for each domain
Creating a data collector set that kick off a scritp that either move or delete files.
Create an Active Directory-Integrated zone.

40. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

41. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Backup operator's domain local group
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

42. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Incoming external trust
Disable Site Link Bridging from the IP properties
Dynamically expanding VHD's
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

43. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
IIS Manager user account
Deploy a failover cluster that uses Node and File Share Disk Majority
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Then use Windows BitLocker Drive Encryption

44. To create AD Domain Services snapshot
DISABLE slow link detection in the GPO
Administrators is the minimum group membership required to complete this procedure.
Ntdsutil
Add the new UPN Suffix to the forest

45. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Active Directory Domains and Trusts
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Configure the zone as an Activde Directory-Integrated zone.
Group Policy Preferences

46. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Configure block inheritance on the IT OU
Autonomous mode...This allows the local administrator to approve their own updates.
Registry on users computer needs to be modified
Deploy it by using Group Policy Software Installation method

47. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Purchase one additional Enterprise License
Dfsrdiag
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

48. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
fsconfig on FSSrv2
Configure caching on the shared folder (offline files)
Install Hyper-V role and convert physical machines into virtual machines

49. To recover objects deleted from Active Directory you should recommend
Add the Windows Server Backup feature and Windows System Image recovery.
Create an Active Directory-Integrated zone.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Active Directory snapshots and Tombstone reanimation

50. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Domain based DFS namespace and configure a DFS replication group