SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To allow a specifc user or group to manage the address information for the user accounts...
Dfsrdiag
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Data Recovery Agent
Recommend Active Directory delegation
2. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Event Viewer
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
3. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Run the Delegation of Control Wizard on the Staff OU
Group Policy Preferences
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
DSMOD
4. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Deploy it by using Group Policy Software Installation method
Enable - ADoptionalFeature cmdlet
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
5. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Software Restriction Polices
Implement Network Access Protection (NAP) that uses 802.1x enforcement
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Upgrading DFS to Windows Server 2008 R2
6. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Zone transfer settings
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Implement folder redirection by using GPO. Then backup the folder redirection target.
7. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
From Server1 - run the Create Basic Task Wizard
Active Directory Domains and Trusts
Event Log Subscriptions
Implement a GPO for each domain
8. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Modify the local policy to point to the Internal WSUS server
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
9. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Windows BitLocker Drive Encryption (Bit Locker)
Domain based Distributed File System (DFS) will reduce network traffic
Repadmin
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
10. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Then configure GlobalNames zones on each domain controller.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
11. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Backup operator's domain local group
Perform an authoritative restore
Configure an audit policy by editing the default domain policy and configure Event Forwarding
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
12. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Software Restriction Polices
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Implement a GPO for each domain
Modify the GPO to include folder redirection
13. To enable the AD Recycle Bin
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Autonomous mode...This allows the local administrator to approve their own updates.
Enable - ADoptionalFeature cmdlet
Configure block inheritance on the IT OU
14. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
15. Need to access some resources in another domain that is part of another forest...What trust is created?
A Distributed File System (DFS) namespace
Incoming external trust
Network Load Balancing (NLB)
Winrm quickconfig
16. 4 steps to perform offline Defragmentation of AD database...
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
17. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
PowerShell 2.0
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Deploy a failover cluster that uses Node and File Share Disk Majority
Create a Central Store
18. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
Event Subscriptions
Implement Windows System Resource Manager (WSRM)
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
19. Tool to change Directory Services Restore Mode password on Domain Controller...
IIS Manager user account
Implement Windows System Resource Manager (WSRM)
ntdsutil
Raise the DFL to Windows Server 2008 R2.
20. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Windows BitLocker Drive Encryption (Bit Locker)
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
21. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Test-AppLockerPolicy
802.1.x NAP
A Distributed File System (DFS) namespace
Set-ADServiceAccount cmdlet
22. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Active Directory Right Management Services (AD RMS)
Create a Network Load Balancing cluster.
Run the Delegation of Control Wizard on the Staff OU
fsconfig on FSSrv2
23. When service account passwords need to be changed for SQL they should be...
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Changed manually
Raise the DFL to Windows Server 2008 R2.
Prestage the computer account in AD
24. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Configure separate application pools for each application
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Dynamically expanding VHD's
25. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
26. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Deploy a failover cluster that uses Node and File Share Disk Majority
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Implement one LUN for the quorum and another LUN for the data
27. To defragment and AD database...
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
net stop ntds
Implement Network Access Protection (NAP) that uses 802.1x enforcement
28. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Then use Windows Deployment Services (WDS)
Share and Storage Management
Create a new Password Settings Object (PSO) for the IT users.
Create a standard secondary of domain and create standard secondary of other domain.
29. If you want to implement BitLocker and store recovery informaiton in a central location
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Dfsrdiag
30. to make shares at a remote location available to users you should implement this.
Configure caching on the shared folder and configure offline files to use encryption
Domain based Distributed File System (DFS) namespace and DFS Replication.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
The Group Policy Management Console
31. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Backup operator's domain local group
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
32. To replicate SYSVOL using Distributed File System Replication (DFSR)...
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
DFL needs to be Windows Server 2008
Configure Audit Special Logon and define Special Groups
Implement Windows BitLocker Drive Encryption (BitLocker)
33. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Include a server that runs Microsoft Office SharePoint Server 2010
Offline domain join
dsa.msc - dsamain.exe - ntdsutil.exe
Use the Local Roles options with dsmgmt.
34. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Deploy a GPO to the WebSrvOU
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
35. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Use CISCO IP Helper command to configure.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Active Directory Domains and Trusts
net stop ntds
36. If you need to encrypt all data on all disks
Additional DFS Targets
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Add George to the Domain Admins group.
Then use Windows BitLocker Drive Encryption
37. To create AD Domain Services snapshot
Site
Ntdsutil
Install the RSAT tool on their workstation to provide for more efficient network management
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
38. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Improve the performance of File Servers
Authorization Manager
Site
Software Restriction Polices
39. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
40. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Modify the schema of LDSInst1
A Distributed File System (DFS) namespace
Create a MEDV workspace
WSUS server in the branch office in replica mode.
41. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Authorization Manager
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
PowerShell 2.0
Use the Local Roles options with dsmgmt.
42. To minimize the amount of storage required you should recommend
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement Windows System Resource Manager (WSRM) and configure user policies
Share and Storage Management
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
43. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Enable - ADoptionalFeature cmdlet
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Active Directory snapshots and Tombstone reanimation
PowerShell 2.0
44. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
MEDV to deploy virtual desktops
The Group Policy Management console
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Add the Windows Server Backup feature and Windows System Image recovery.
45. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Then use on install image file that contains a single install image.
Deploy a failover cluster that uses Node and File Share Disk Majority
46. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Run adprep /forestprep and adprep /domainprep
Dfsrdiag
Incoming external trust
47. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Modify the local policy to point to the Internal WSUS server
Passive file screens
Use local roles options within "dsmgmt"
Back up to an external USB drive by using Windows Server Backup
48. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Implement a Remote Desktop Connection Broker (RD Connection Broker)
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Add the Windows Server Backup feature and Windows System Image recovery.
49. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Event Log Subscriptions
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
50. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Network Load Balancing (NLB)
Attach VHD file created by Windows server backup
Recommend GPT and basic disks
