SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Implement GPO for all client computers
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
The Group Policy Management Console
2. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Configure authorization rules for Web developers on each web server
Create an e-mail account in AD DS for your RMS users.
3. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Implement Windows BitLocker Drive Encryption (BitLocker)
Basic Authentication and SSL
Test-AppLockerPolicy
Create a Central Store
4. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Set-ADServiceAccount cmdlet
Repadmin
Windows Deployment Services (WDS)
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
5. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Configure Firewall Group Policies and link them at the Domain level
Upgrading DFS to Windows Server 2008 R2
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
6. Need to ensure users receive updated template within five days...
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Registry on users computer needs to be modified
7. When one needs to audit files - folders - printers and the registry enable
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Create an Active Directory-Integrated zone.
An Active Directory subnet object needs to be created.
8. Jack and Jill go up the hill - both with a buck and a quarter
Jill came down with 2.50.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Implement Windows BitLocker Drive Encryption (BitLocker)
Event Subscriptions
9. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Assign the application to all client computers by using a GPO.
Enable - ADoptionalFeature cmdlet
Dsmgmt
10. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Assign the application to all client computers by using a GPO.
Assign the application to computers in the PC OU
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Certificate Templates
11. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
From Server1 - run the Create Basic Task Wizard
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
12. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Active Directory Right Management Services (AD RMS)
Recommend GPT and basic disks
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Repadmin
13. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Attach VHD file created by Windows server backup
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Configure separate application pools for each application
Active Directory Right Management Services (AD RMS)
14. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Autonomous mode...This allows the local administrator to approve their own updates.
Refresh the zone on DNS2
Create and deploy a logon script that runs Auditpol.
Active Directory Users and Computers
15. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Incoming external trust
16. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Basic Authentication and SSL
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
17. GPO setting to prevent all users from running an application
Software Restriction Polices
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
DFL needs to be Windows Server 2008
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
18. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Implement Windows System Resource Manager (WSRM) and configure user policies
Configure Audit Special Logon and define Special Groups
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
19. If you need to be able to create shared folders on Server 2008 R2
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Configure caching on the shared folder and configure offline files to use encryption
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Use a GPO to configure device installation restrictions
20. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Implement the Windows Search Service.
Prestage the computer account in AD
Run the Delegation of Control Wizard on the Staff OU
Improve the performance of File Servers
21. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
The Group Policy Management Console
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Then install new Server 2008 R2 Enterprise subordinate CA.
22. In order to manage websites without having to logon you can use
Creating a data collector set that kick off a scritp that either move or delete files.
Authorization Manager role assignment
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
PowerShell 2.0
23. You need to ensure that the guest account on all servers is disabled to
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
24. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
Then use Windows Deployment Services (WDS)
Configure Audit Special Logon and define Special Groups
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
25. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Perform an authoritative restore
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Get-ADUser cmdlet
26. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
dnscmd
Implement Shadow Copies
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Windows XP Mode
27. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Changed manually
From Server1 - run the Create Basic Task Wizard
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
28. You need to recommend a BitLocker recovery method you should recommend this.
Attach VHD file created by Windows server backup
Include a server that runs Microsoft Office SharePoint Server 2010
Assign the application to computers in the PC OU
Data Recovery Agent
29. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
AD RMS
Use a GPO to configure device installation restrictions
Create a new Password Settings Object (PSO) for the IT users.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
30. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Offline domain join
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
31. To replicate SYSVOL using Distributed File System Replication (DFSR)...
DFL needs to be Windows Server 2008
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Assign the application to computers in the PC OU
Modify zone transfer settings for company.com zone on DCA
32. If a file server reaches 15% free disk space - you could free up some disk space by
DSMOD - ADUC
Create an e-mail account in AD DS for your RMS users.
Creating a data collector set that kick off a scritp that either move or delete files.
Install Windows Server Backup and modify the Windows firewall settings
33. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Get-ADUser cmdlet
Install and share a printer on a server and then enable printer pooling.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Create a new Password Settings Object (PSO) for the IT users.
34. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Run adprep /forestprep and adprep /domainprep
Add George to the Domain Admins group.
Active Directory snapshots and Tombstone reanimation
Service user account for AD LDS
35. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
36. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Create a Central Store
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
37. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
38. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. New password settings object (PSO) created and needs to be applied to user
Properties of PSO need modified
Modify zone transfer settings for company.com zone on DCA
Dfsrdiag
Modify the GPO to include folder redirection
40. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Subnet object needs to be created
Enable Windows Remote Management (WinRM) on the servers.
Dfsrdiag
DSMOD - ADUC
41. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Create an Active Directory-Integrated zone.
Then use on install image file that contains a single install image.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Event Viewer
42. To backup GPO's in domain and minimize bakcup...
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Windows BitLocker Drive Encryption (Bit Locker)
The Group Policy Management Console
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
43. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Configure RODC for Administrator Role Separation
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Offline domain join
44. To delegate authority to users to manage only certain areas in Hyper-V use the
DSMOD - ADUC
From Server1 - run the Create Basic Task Wizard
Authorization Manager role assignment
Software Restriction Polices
45. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
DSMOD
The Group Policy Management Console
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
46. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
WSUS server in the branch office in replica mode.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Perform an authoritative restore
Network Load Balancing (NLB) cluster
47. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Create an e-mail account in AD DS for your RMS users.
Recommend Group Policy preferences
Software Restriction Polices
Registry on users computer needs to be modified
48. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Network Load Balancing (NLB) cluster
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Passive file screens
Configure separate application pools for each application
49. If you need to delegate control of server to remote admins group
Configure RODC for Administrator Role Separation
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Administrators is the minimum group membership required to complete this procedure.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
50. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Implement Windows System Resource Manager (WSRM)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
