SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
2. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Group Policy Preferences
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Assign the application to all client computers by using a GPO.
3. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Printer driver isolation
Improve the performance of File Servers
Install Hyper-V role and convert physical machines into virtual machines
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
4. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Ntfrsutil
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Implement GPO for all client computers
Implement a GPO for each domain
5. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Modify the schema of LDSInst1
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
ntdsutil
Enable Windows Remote Management (WinRM) on the servers.
6. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Domain based DFS namespace and configure a DFS replication group
Use the Local Roles options with dsmgmt.
Configure caching on the shared folder (offline files)
7. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Create a new Password Settings Object (PSO) for the IT users.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
8. File that contains the last logon time and custom attributes values for each user in your forest.
Then configure GlobalNames zones on each domain controller.
Create an Active Directory-Integrated zone.
Get-ADUser cmdlet
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
9. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows Deployment Services (WDS)
Dfsrdiag
Create a Network Load Balancing cluster.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
10. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Recommend Offline Files
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
11. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Modify the schema of LDSInst1
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
12. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Dfsrdiag
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Distributed File System (DFS) Replication
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
13. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
DISABLE slow link detection in the GPO
Active Directory Domains and Trusts
Administrative Role Separation
Modify zone transfer settings for company.com zone on DCA
14. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Microsoft Application Virtualization (AppV)
Execute the Set-ADServiceAccount cmdlet
15. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Deploy Microsoft System Center Operations Manager (SCOM)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
16. To build a highly secure server cluster with a reduced attack surface area
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Recommend Active Directory delegation
Incoming external trust
Autonomous mode...This allows the local administrator to approve their own updates.
17. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Implement one LUN for the quorum and another LUN for the data
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Dfsrdiag
Create an Active Directory-Integrated zone.
18. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Configure offline files and enable manual caching
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Upgrading DFS to Windows Server 2008 R2
19. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Install Hyper-V role and convert physical machines into virtual machines
Microsoft Desktop Optimization Pack (MDOP)
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
20. What should be done to ensure changes made to AD objects can be logged?
Configure the zone as an Activde Directory-Integrated zone.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
FILES option within Ntdsutil
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
21. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Passive file screens
Include a server that runs Microsoft Office SharePoint Server 2010
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Deploy Microsoft System Center Operations Manager (SCOM)
22. to prevent VMs from receiving updats from a group policy
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
dnscmd tool
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Your machine and remote desktops
23. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Install From Media IFM
Configure Audit Special Logon and define Special Groups
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Repadmin
24. to make shares at a remote location available to users you should implement this.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Domain based Distributed File System (DFS) namespace and DFS Replication.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Authorization Manager role assignment
25. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Configure caching on the shared folder (offline files)
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Active Directory Users and Computers utility
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
26. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Add the Windows Server Backup feature and Windows System Image recovery.
Implement a domain-based DFS namespace that uses replication
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
27. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
28. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
New ACCOUNT STORE should be added and configured
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Domain based Distributed File System (DFS) will reduce network traffic
Get-ADUser cmdlet
30. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Enable - ADoptionalFeature cmdlet
Use the Local Roles options with dsmgmt.
Event Log Subscriptions
Install From Media IFM
31. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
AD RMS
Implement Shadow Copies
Dfsrdiag
32. To add a server with AD FS 2.0 role to an existing AD FS farm...
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
fsconfig on FSSrv2
33. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
MEDV to deploy virtual desktops
New ACCOUNT STORE should be added and configured
Add the new UPN suffix to the forest.
Dfsrdiag
34. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Include a server that runs Microsoft Office SharePoint Server 2010
fsconfig on FSSrv2
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
35. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Raise the DFL to Windows Server 2008 R2.
Event Subscriptions
Prestage the computer account in AD
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
36. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Purchase one additional Enterprise License
37. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Win2000 Native
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
38. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
FFL Windows Server 2008 R2
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Install Hyper-V role and convert physical machines into virtual machines
39. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Create an Active Directory-Integrated zone.
Implement Windows System Resource Manager (WSRM) and configure user policies
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
40. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
802.1.x NAP
Windows XP Mode
Site
Implement a Remote Desktop Connection Broker (RD Connection Broker)
41. Ensure password length for a group set to 12 characters long while others keep password policy
Autonomous mode...This allows the local administrator to approve their own updates.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Add-ADFineGrainedPasswordPolicySubject cmdlet
The Group Policy Management Console
42. Tools to view contents of an OU in an AD snapshot...
Domain based DFS namespace and configure a DFS replication group
dsa.msc - dsamain.exe - ntdsutil.exe
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Incoming external trust
43. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Add George to the Domain Admins group.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
44. You need to ensure that the guest account on all servers is disabled to
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Assign the application to computers in the PC OU
802.1.x NAP
45. GPO setting to prevent all users from running an application
Run adprep /forestprep and adprep /domainprep
Software Restriction Polices
Folder redirection. Folder redirection is also useful when using roamin profiles.
Add the new UPN suffix to the forest.
46. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
CAPublishGP group should have the Manage CA permission.
Install Hyper-V role and convert physical machines into virtual machines
Configure caching on the shared folder and configure offline files to use encryption
47. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Enable Credential Roaming
Implement a GPO for each domain
Group Policy Preferences
48. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
Install the RSAT tool on their workstation to provide for more efficient network management
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Configure event log subscriptions
49. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Configure caching on the shared folder and configure offline files to use encryption
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
50. To minimize the amount of storage required you should recommend
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
802.1.x NAP
DFL needs to be Windows Server 2008
Share and Storage Management
