Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Install From Media IFM
Increase the tombstone lifetime for the forest.
Perform an authoritative restore
Modify the local policy to point to the Internal WSUS server

2. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Implement Shadow Copies
Administrative Role Separation
Create a Central Store
Configure Audit Special Logon and define Special Groups

3. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
DFL needs to be Windows Server 2008
Jill came down with 2.50.
Zone transfer settings

4. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Incoming external trust
The Group Policy Management Console
Dsmgmt
Ensure your account - or the group is a member of the local Administrators group for that specific server.

5. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Implement folder redirection by using GPO. Then backup the folder redirection target.
Use a GPO to configure device installation restrictions
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Assign the application to computers in the PC OU

6. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
FFL Windows Server 2008 R2
Multipath I/O feature
Recommend GPT and basic disks

7. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Implement Shadow Copies
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).

8. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
A relying party trust should be created.
NOT be able to store that data on an iSCSI SAN
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

9. You need to design your WSUS infrastructure so that updates are highly available. To do so
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Backup operator's domain local group

10. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install and share a printer on a server and then enable printer pooling.
Windows Deployment Services (WDS)
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.

11. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Implement Distributed File System Replication (DFSR) on both servers
Enable - ADoptionalFeature cmdlet
Configure separate application pools for each application
Then use Windows Deployment Services (WDS)

12. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

13. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Configure Firewall Group Policies and link them at the Domain level
Microsoft System Center Data Protection Manager
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

14. To backup GPO's in domain and minimize bakcup...
Import-Module
Site
Add the Windows Server Backup feature and Windows System Image recovery.
The Group Policy Management Console

15. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Use CISCO IP Helper command to configure.
Raise the DFL to Windows Server 2008 R2.
Microsoft Application Virtualization (AppV)
Implement GPO for all client computers

16. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
DSMOD - ADUC
Raise the DFL to Windows Server 2008 R2.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Windows Server 2003

17. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
Install From Media IFM
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
The Group Policy Management Console

18. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Implement a domain-based DFS namespace that uses replication
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
NOT be able to store that data on an iSCSI SAN

19. If you need to allow an external partner's computer to access internal network resources by using SSTP
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Create an Active Directory-Integrated zone.
Deploy the Root CA certificate to the external computers.
Assign the application to all client computers by using a GPO.

20. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Install Windows Server Backup and modify the Windows firewall settings
Include a server that runs Microsoft Office SharePoint Server 2010
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.

21. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Microsoft Application Virtualization (AppV)
Network Load Balancing (NLB)
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

22. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Modify the GPO to include folder redirection
Win2000 Native
Refresh the zone on DNS2
Use a GPO to configure device installation restrictions

23. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Data Recovery Agent
802.1.x NAP
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Recommend Group Policy preferences

24. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Autonomous mode...This allows the local administrator to approve their own updates.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Purchase one additional Enterprise License
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.

25. 4 steps to perform authoritative restore of a deleted OU...
Distributed File System (DFS) Replication
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Microsoft Application Virtualization (AppV)
Add George to the Domain Admins group.

26. You need to relocate an AD LDS instance from C: Drive to D: Drive
Implement a Remote Desktop Connection Broker (RD Connection Broker)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Install Hyper-V role and convert physical machines into virtual machines

27. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Basic Authentication and SSL
Windows Deployment Services (WDS)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
CAPublishGP group should have the Manage CA permission.

28. Tools to view contents of an OU in an AD snapshot...
DFL needs to be Windows Server 2008
Active Directory snapshots and Tombstone reanimation
Restore-ADObject cmdlet
dsa.msc - dsamain.exe - ntdsutil.exe

29. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Add-ADFineGrainedPasswordPolicySubject cmdlet

30. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Storage manager for SANs
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Active Directory snapshots and Tombstone reanimation

31. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Implement Windows System Resource Manager (WSRM)

32. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
IIS Manager user account

33. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Distributed File System (DFS) Replication
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Add the new UPN suffix to the forest.

34. If you need to delegate control of server to remote admins group
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Configure RODC for Administrator Role Separation
Changed manually

35. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Dynamically expanding VHD's
Windows Deployment Services (WDS)

36. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Raise the DFL to Windows Server 2008 R2.
fsconfig on FSSrv2
Domain based Distributed File System (DFS) will reduce network traffic
Configure offline files and enable manual caching

37. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
From Server1 - run the Create Basic Task Wizard
Install Hyper-V role and convert physical machines into virtual machines
Test-AppLockerPolicy

38. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Increase the tombstone lifetime for the forest.
Implement Windows BitLocker Drive Encryption (BitLocker)
Dsmgmt
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.

39. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install Windows Server Backup and modify the Windows firewall settings
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Configure Audit Special Logon and define Special Groups
fsconfig on FSSrv2

40. Auditing the deletion of Registry keys on all Domain Controllers
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Recommend Active Directory delegation
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
CAPublishGP group should have the Manage CA permission.

41. To make deploying the custom Word dictionary easy
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Recommend Group Policy preferences

42. Need to ensure users receive updated template within five days...
Recommend Group Policy preferences
Disable Site Link Bridging from the IP properties
Registry on users computer needs to be modified
Microsoft Desktop Optimization Pack (MDOP)

43. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Service user account for AD LDS
Enable Windows Remote Management (WinRM) on the servers.
Repadmin
WDS

44. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Implement Network Access Protection (NAP)
DSMOD
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)

45. To delegate authority to users to manage only certain areas in Hyper-V use the
Authorization Manager role assignment
Utilize IFM (Install From Media)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
File Server Resource Manager (FSRM) quotas and file screens

46. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Run the Delegation of Control Wizard on the Staff OU
Disable Site Link Bridging from the IP properties
Configure folder redirection
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).

47. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Event Viewer
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.

48. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Network Access Protection (NAP)
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Encrypting File System (EFS). This can be enabled locally or through a GPO.

49. In order to ensure highly available Windows Update servers you should create this.
Use local roles options within "dsmgmt"
NOT be able to store that data on an iSCSI SAN
Create a new Password Settings Object (PSO) for the IT users.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

50. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy the Root CA certificate to the external computers.
Disable Site Link Bridging from IP Properties