SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to design your WSUS infrastructure so that updates are highly available. To do so
Install From Media IFM
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Modify the schema of LDSInst1
2. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Configure offline files and enable manual caching
Dsmgmt
djoin /requesteodj from internal server - djoin /provision from outside server/PC
A Distributed File System (DFS) namespace
3. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Offline domain join
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Configure block inheritance on the IT OU
Deploy a failover cluster that contains one node in each office.
4. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Configure block inheritance on the IT OU
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Implement the Windows Search Service.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
5. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Windows XP Mode
Implement folder redirection by using GPO. Then backup the folder redirection target.
Group Policy Preferences
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
6. The strongest form of NAP is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Configure authorization rules for Web developers on each web server
AD Domains and Trusts
7. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
IIS Manager user account
8. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
dnscmd tool
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
DSMOD
9. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
802.1.x NAP
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
10. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Microsoft Desktop Optimization Pack (MDOP) to your company
11. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Test-AppLockerPolicy
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
12. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Domain based Distributed File System (DFS) will reduce network traffic
fsconfig on FSSrv2
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Microsoft Application Virtualization (AppV)
13. to protect file servers and hard disks that may be at risk of being accessed or stolen
Implement Windows BitLocker Drive Encryption (BitLocker)
Group Policy Preferences
Use the Local Roles options with dsmgmt.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
14. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Configure RODC for Administrator Role Separation
Modify the local policy to point to the Internal WSUS server
Add the new UPN Suffix to the forest
Ntfrsutil
15. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Attach VHD file created by Windows server backup
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Then use on install image file that contains a single install image.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
16. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Create an e-mail account in AD DS for your RMS users.
17. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Folder redirection. Folder redirection is also useful when using roamin profiles.
Deploy Microsoft System Center Operations Manager (SCOM)
18. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Software Restriction Polices
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Data Recovery Agent
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
20. If users complain that it is hard to find the shared folders on the network implement
Offline domain join
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Additional DFS Targets
21. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Dfsrdiag
Add the new UPN suffix to the forest.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
22. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Group Policy Preferences
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
23. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Raise the DFL to Windows Server 2008 R2.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Back up to an external USB drive by using Windows Server Backup
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
24. To compact AD database...
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
FILES option within Ntdsutil
Modify the GPO to include folder redirection
25. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Execute the Set-ADServiceAccount cmdlet
Deploy a GPO for the Sales OU
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
26. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Certificate Templates
Create a Network Load Balancing cluster.
Event Viewer
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
27. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Passive file screens
Authorization Manager
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
28. What utility is used to see what accounts cached on RODC?
Active Directory Users and Computers
Enable Windows Remote Management (WinRM) on each server.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
29. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Disable Site Link Bridging from IP Properties
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Certificate Templates
Assign the application to all client computers by using a GPO.
30. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Deploy a failover cluster that uses Node and File Share Disk Majority
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
AD Rights Management Services
31. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Use CISCO IP Helper command to configure.
Then configure auto enrollment of certificates and Credential Roaming.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Windows Deployment Services (WDS)
32. to make shares at a remote location available to users you should implement this.
Modify the local policy to point to the Internal WSUS server
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Implement a GPO for each domain
Domain based Distributed File System (DFS) namespace and DFS Replication.
33. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Authorization Manager
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
34. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
FFL Windows Server 2008 R2
DSMOD - ADUC
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
35. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Perform an authoritative restore
Utilize IFM (Install From Media)
36. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
FFL Windows Server 2008 R2
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Install Windows Server Backup and modify the Windows firewall settings
37. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Create a Central Store
Group Policy Preferences
38. You need to recommend a BitLocker recovery method you should recommend this.
Data Recovery Agent
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Configure the zone as an Activde Directory-Integrated zone.
39. When deploying an application using the Group Policy distribution method assign the...
Active Directory Right Management Services (AD RMS)
Printer driver isolation
Autonomous mode...This allows the local administrator to approve their own updates.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
40. To prevent account password from being cached on RODC server...
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Modify properties of RODC server computer account.
MEDV to deploy virtual desktops
Backup operator's domain local group
41. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure block inheritance on the IT OU
Dfsrdiag
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
42. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. Need to access some resources in another domain that is part of another forest...What trust is created?
Use the Local Roles options with dsmgmt.
Recommend Offline Files
Use Netsh tool from administrator's computer.
Incoming external trust
44. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
AD Rights Management Services
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
45. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Configure offline files and enable manual caching
46. To add a server with AD FS 2.0 role to an existing AD FS farm...
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
fsconfig on FSSrv2
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
47. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Microsoft System Center Data Protection Manager 2010
Increase the tombstone lifetime for the forest.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Execute the Set-ADServiceAccount cmdlet
48. To join a server/PC outside of the domain to the network...
Microsoft Application Virtualization (AppV)
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Run the Delegation of Control Wizard on the Staff OU
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
49. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Properties of PSO need modified
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
50. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Deploy a failover cluster that uses Node and File Share Disk Majority
Get-ADUser cmdlet
Then use Windows BitLocker Drive Encryption
AD Rights Management Services
