Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To create AD Domain Services snapshot
Ntdsutil
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Domain based Distributed File System (DFS) namespace and DFS Replication.
Group Policy Preferences

2. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Use Netsh tool from administrator's computer.
Deploy the Root CA certificate to the external computers.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Install the RSAT tool on their workstation to provide for more efficient network management

3. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Attach VHD file created by Windows server backup
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Then install new Server 2008 R2 Enterprise subordinate CA.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie

4. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Create a new Password Settings Object (PSO) for the IT users.
Software Restriction Polices
Attach VHD file created by Windows server backup

5. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Active Directory Domains and Trusts
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Configure caching on the shared folder (offline files)

6. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Test-AppLockerPolicy
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Configure folder redirection
Implement Shadow Copies

7. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
From Server1 - run the Create Basic Task Wizard
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.

8. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
AD RMS
Restore-ADObject cmdlet
Microsoft SharePoint Foundation 2010

9. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Recommend Group Policy preferences
Create and deploy a logon script that runs Auditpol.
Multipath I/O feature
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

10. Capture all replication errors from all your DCs to a central location...
Configure event log subscriptions
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

11. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Network Load Balancing (NLB)
Implement Distributed File System Replication (DFSR) on both servers
DSMOD - ADUC
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

12. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

13. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
DFL needs to be Windows Server 2008
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.

14. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Backup operator's domain local group
FILES option within Ntdsutil
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.

15. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Event Viewer
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.

16. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Jill came down with 2.50.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Restore-ADObject cmdlet

17. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Add George to the Domain Admins group.
Authorization Manager
A Distributed File System (DFS) namespace
Install From Media IFM

18. To join a server/PC outside of the domain to the network...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Then configure GlobalNames zones on each domain controller.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

19. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Implement Windows System Resource Manager (WSRM) and configure user policies
Windows Server 2003
Enable Windows Remote Management (WinRM) on the servers.

20. You need to deploy a sales application that only the sales users must have access to
Microsoft System Center Data Protection Manager 2010
Deploy a GPO for the Sales OU
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Upgrading DFS to Windows Server 2008 R2

21. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Group Policy Preferences
Zone transfer settings
Your machine and remote desktops

22. 4 steps to perform offline Defragmentation of AD database...
Deploy a failover cluster that uses Node and File Share Disk Majority
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Use a GPO to configure device installation restrictions
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

23. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Then configure auto enrollment of certificates and Credential Roaming.
Implement Shadow Copies
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.

24. You need to recommend a BitLocker recovery method you should recommend this.
Changed manually
net stop ntds
Data Recovery Agent
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

25. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Share and Storage Management
Ntfrsutil
Offline domain join
Perform an authoritative restore

26. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Share and Storage Management
Configure the zone as an Activde Directory-Integrated zone.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

27. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Microsoft Application Virtualization (AppV)
NOT be able to store that data on an iSCSI SAN
Deploy a failover cluster that contains one node in each office.
Then use Windows Deployment Services (WDS) on DHCP1.

28. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Attach VHD file created by Windows server backup
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Create a new Password Settings Object (PSO) for the IT users.

29. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

30. To be able to user an application from one AD FS with authentication server to another...
Win2000 Native
Deploy a failover cluster that contains one node in each office.
A relying party trust should be created.
Create an e-mail account in AD DS for your RMS users.

31. To delegate authority to users to manage only certain areas in Hyper-V use the
Enable Windows Remote Management (WinRM) on the servers.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Authorization Manager role assignment
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.

32. What shold be done to configure AD RMS so users can protect their data?
Deploy a failover cluster that contains one node in each office.
The Group Policy Management Console
Back up to an external USB drive by using Windows Server Backup
Create an e-mail account in AD DS for your RMS users

33. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

34. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Dfsrdiag
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Restore-ADObject cmdlet

35. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Use the Local Roles options with dsmgmt.
Enable Credential Roaming
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Active Directory Users and Computers utility

36. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Dynamically expanding VHD's
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Create an e-mail account in AD DS for your RMS users
dnscmd

37. To enable the AD Recycle Bin
Configure offline files and enable manual caching
Dsmgmt
Dynamically expanding VHD's
Enable - ADoptionalFeature cmdlet

38. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Winrm quickconfig
Incoming external trust
Implement Windows BitLocker Drive Encryption (BitLocker)
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

39. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Modify properties of RODC server computer account.
Event Log Subscriptions
Enable Windows Remote Management (WinRM) on the servers.
Use the Local Roles options with dsmgmt.

40. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Implement Windows System Resource Manager (WSRM) and configure user policies
Increase the tombstone lifetime for the forest.
The Group Policy Management console

41. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Win2000 Native
Dfsrdiag

42. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
DSMOD - ADUC
Creating a data collector set that kick off a scritp that either move or delete files.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)

43. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Include a server that runs Microsoft Office SharePoint Server 2010
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

44. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Dfsrdiag
Distributed File System (DFS) Replication
Improve the performance of File Servers
Backup operator's domain local group

45. To update ADRMS password...
AD Rights Management Services
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Microsoft Desktop Optimization Pack (MDOP) to your company
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.

46. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Implement Network Access Protection (NAP)
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.

47. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Ntdsutil

48. To prevent account password from being cached on RODC server...
Configure event log subscriptions
Use a GPO to configure device installation restrictions
From Server A - run Create Basic Task Wizard
Modify properties of RODC server computer account.

49. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Then use on install image file that contains a single install image.
NOT be able to store that data on an iSCSI SAN
Set-ADServiceAccount cmdlet
Event Log Subscriptions

50. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Create a standard secondary of domain and create standard secondary of other domain.
Offline domain join
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array