SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Domain based Distributed File System (DFS) will reduce network traffic
Properties of PSO need modified
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
802.1.x NAP
2. To allow connection to a 256 Kbps ISDN...
dnscmd
Then use Windows Deployment Services (WDS)
MEDV to deploy virtual desktops
DISABLE slow link detection in the GPO
3. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Use CISCO IP Helper command to configure.
Raise the DFL to Windows Server 2008 R2.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Implement Windows System Resource Manager (WSRM)
4. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Run net stop ntds
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
5. If users complain that it is hard to find the shared folders on the network implement
Install Windows Server Backup and modify the Windows firewall settings
Additional DFS Targets
Incoming external trust
Multipath I/O feature
6. You need a solution that meets policy while minimizing hardware and software costs
Create a new Password Settings Object (PSO) for the IT users.
PowerShell 2.0
Role Separation
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
7. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Domain based Distributed File System (DFS) namespace and DFS Replication.
fsconfig on FSSrv2
From Server1 - run the Create Basic Task Wizard
Enable Windows Remote Management (WinRM) on each server.
8. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
DISABLE slow link detection in the GPO
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Registry on users computer needs to be modified
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
9. If you need to be able to create shared folders on Server 2008 R2
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Add George to the Domain Admins group.
Deploy a failover cluster that uses Node and File Share Disk Majority
10. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Event Log Subscriptions
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Utilize IFM (Install From Media)
Create an e-mail account in AD DS for your RMS users
11. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then use on install image file that contains a single install image.
Create and deploy a logon script that runs Auditpol.
Then use Windows Deployment Services (WDS) on DHCP1.
Purchase one additional Enterprise License
12. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Win2000
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
13. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy Microsoft System Center Operations Manager (SCOM)
Prestage the computer account in AD
IIS Chared Configuration
14. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Improve the performance of File Servers
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Active Directory Right Management Services (AD RMS)
15. Capture all replication errors from all your DCs to a central location...
Microsoft SharePoint Foundation 2010
Configure event log subscriptions
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
16. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Dfsrdiag
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Prestage the computer account in AD
Set-ADServiceAccount cmdlet
17. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Encrypting File System (EFS). This can be enabled locally or through a GPO.
18. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Add-ADFineGrainedPasswordPolicySubject cmdlet
dnscmd tool
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Active Directory Domains and Trusts
19. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Disable Site Link Bridging from IP Properties
Install Hyper-V role and convert physical machines into virtual machines
Active Directory snapshots and Tombstone reanimation
Deploy a GPO to the WebSrvOU
20. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Install and share a printer on a server and then enable printer pooling.
dnscmd
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
21. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Refresh the zone on DNS2
Deploy Microsoft System Center Operations Manager (SCOM)
Subnet object needs to be created
22. To add a new UPN for all user accounts...
Administrative Role Separation
AD Domains and Trusts
Storage manager for SANs
Windows System Resource Manager (WSRM)
23. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
WDS
Install Hyper-V role and convert physical machines into virtual machines
802.1.x NAP
24. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Get-ADUser cmdlet
A relying party trust should be created.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Storage manager for SANs
25. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Deploy a failover cluster that contains one node in each office.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Enable Windows Remote Management (WinRM) on the servers.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
26. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Implement the Windows Search Service.
An Active Directory subnet object needs to be created.
Role Separation
Site
27. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Event Subscriptions
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Implement Distributed File System Replication (DFSR) on both servers
28. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Multipath I/O feature
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Configure caching on the shared folder and configure offline files to use encryption
29. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Passive file screens
Active Directory Users and Computers utility
Windows Server 2003
Ntfrsutil
30. Auditing the deletion of Registry keys on all Domain Controllers
Dfsrdiag
Create a standard secondary of domain and create standard secondary of other domain.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
31. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
32. To backup Virtual Machines
Properties of PSO need modified
Recommend Offline Files
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Configure caching on the shared folder and configure offline files to use encryption
33. To allow a user to administer Active Directory
Add the user to the Domain Admins global group
Active Directory snapshots and Tombstone reanimation
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Create ADMX and ADML files. Configure the GPO and link it to the domain.
34. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Microsoft Desktop Optimization Pack (MDOP)
Implement Windows System Resource Manager (WSRM)
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Administrative Role Separation
35. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Configure block inheritance on the IT OU
Add the new UPN Suffix to the forest
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
36. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Use a GPO to configure device installation restrictions
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Restore-ADObject cmdlet
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
37. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.
38. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Disable Site Link Bridging from IP Properties
Role Separation
Configure RODC for Administrator Role Separation
39. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Registry on users computer needs to be modified
Then configure GlobalNames zones on each domain controller.
802.1.x NAP
IIS Manager user account
40. To add a server with AD FS 2.0 role to an existing AD FS farm...
Create a standard secondary of domain and create standard secondary of other domain.
fsconfig on FSSrv2
Implement Distributed File System Replication (DFSR) on both servers
dnscmd tool
41. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Chared Configuration
IIS Manager user account
From Server A - run Create Basic Task Wizard
Certificate Templates
42. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Additional DFS Targets
43. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Offline domain join
Service user account for AD LDS
File Server Resource Manager (FSRM) quotas and file screens
Disable Site Link Bridging from IP Properties
44. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
From Server A - run Create Basic Task Wizard
Certificate Templates
Microsoft Application Virtualization (AppV)
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
45. The Computer Management snap-in allows you to create shares both on...
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Your machine and remote desktops
46. To defragment and AD database...
net stop ntds
Then use Windows Deployment Services (WDS) on DHCP1.
Microsoft Application Virtualization (AppV)
ntdsutil
47. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
48. In order to manage websites without having to logon you can use
PowerShell 2.0
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
49. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Network Load Balancing (NLB) cluster
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
50. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Implement a GPO for each domain
Software Restriction Polices
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology