SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. DFL is...
Win2000 Native
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
2. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Install and share a printer on a server and then enable printer pooling.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
3. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
Authorization Manager
Your machine and remote desktops
An Active Directory subnet object needs to be created.
4. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Disable Site Link Bridging from the IP properties
Administrators is the minimum group membership required to complete this procedure.
Use local roles options within "dsmgmt"
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
5. Can be used to install the Windows RE on existing servers
WDS
Install Windows Server Backup and modify the Windows firewall settings
Share and Storage Management
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
6. To minimize the amount of storage required you should recommend
Add George to the Domain Admins group.
Share and Storage Management
DSMOD
Test-AppLockerPolicy
7. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Windows BitLocker Drive Encryption (Bit Locker)
Test-AppLockerPolicy
802.1.x NAP
8. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Then use Windows BitLocker Drive Encryption
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
9. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Your machine and remote desktops
DISABLE slow link detection in the GPO
10. File that contains the last logon time and custom attributes values for each user in your forest.
Microsoft SharePoint Foundation 2010
Create a standard secondary of domain and create standard secondary of other domain.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Get-ADUser cmdlet
11. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure authorization rules for Web developers on each web server
Windows BitLocker Drive Encryption (Bit Locker)
12. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Recommend GPT and basic disks
Include a server that runs Microsoft Office SharePoint Server 2010
Distributed File System (DFS) Replication
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
13. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
File Server Resource Manager (FSRM) quotas and file screens
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
NOT be able to store that data on an iSCSI SAN
14. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Enable Windows Remote Management (WinRM) on each server.
Execute the Set-ADServiceAccount cmdlet
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Then configure GlobalNames zones on each domain controller.
15. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Import-Module
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Event Log Subscriptions
16. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Implement Windows System Resource Manager (WSRM)
Zone transfer settings
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Set-ADServiceAccount cmdlet
17. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
18. An AD LDS instance needs to be replicated from one server to another...
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
From Server A - run Create Basic Task Wizard
Enable Windows Remote Management (WinRM) on the servers.
Service user account for AD LDS
19. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Group Policy Preferences
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Set-ADServiceAccount cmdlet
20. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Microsoft Desktop Optimization Pack (MDOP)
Windows XP Mode
Attach VHD file created by Windows server backup
21. Capture all replication errors from all your DCs to a central location...
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Configure event log subscriptions
Win2000 Native
Changed manually
22. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Modify zone transfer settings for company.com zone on DCA
Network Load Balancing (NLB)
Authorization Manager
Passive file screens
23. To update ADRMS password...
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
AD Rights Management Services
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Create an Active Directory-Integrated zone.
24. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
25. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Install the RSAT tool on their workstation to provide for more efficient network management
Domain based Distributed File System (DFS) namespace and DFS Replication.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Implement Windows BitLocker Drive Encryption (BitLocker)
26. To allow connection to a 256 Kbps ISDN...
Assign the application to all client computers by using a GPO.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Modify the local policy to point to the Internal WSUS server
DISABLE slow link detection in the GPO
27. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Additional DFS Targets
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Offline domain join
28. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Authorization Manager
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
29. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
A Distributed File System (DFS) namespace
File Server Resource Manager (FSRM) quotas and file screens
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Run net stop ntds
30. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Administrators is the minimum group membership required to complete this procedure.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
AD Domains and Trusts
31. If subnets are connected by CISCO router that is RFC-1542 compliant
Use CISCO IP Helper command to configure.
Active Directory Users and Computers utility
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Add George to the Domain Admins group.
32. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Configure caching on the shared folder (offline files)
Create and deploy a logon script that runs Auditpol.
Execute the Set-ADServiceAccount cmdlet
33. If you need to allow an external partner's computer to access internal network resources by using SSTP
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Deploy the Root CA certificate to the external computers.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
34. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Implement folder redirection by using GPO. Then backup the folder redirection target.
Passive file screens
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
35. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Authorization Manager
Configure authorization rules for Web developers on each web server
36. To prevent account password from being cached on RODC server...
Modify properties of RODC server computer account.
Network Load Balancing (NLB)
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Prestage the computer account in AD
37. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Modify properties of RODC server computer account.
Modify the local policy to point to the Internal WSUS server
Ntfrsutil
Event Log Subscriptions
38. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Raise the DFL to Windows Server 2008 R2.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Implement the Windows Search Service.
39. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
FFL Windows Server 2008 R2
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
40. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Passive file screens
PDC emulator with w32tm.exe
DISABLE slow link detection in the GPO
Enable Windows Remote Management (WinRM) on each server.
41. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Configure offline files and enable manual caching
DSMOD
Repadmin
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
42. To make deploying the custom Word dictionary easy
Windows System Resource Manager (WSRM)
Recommend Group Policy preferences
Deploy a GPO for the Sales OU
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
43. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Windows Deployment Services (WDS)
Then use Windows Deployment Services (WDS) on DHCP1.
Install and share a printer on a server and then enable printer pooling.
44. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Ntfrsutil
Windows Server 2003
Repadmin
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
45. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
WDS
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
47. To backup GPO's in domain and minimize bakcup...
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
The Group Policy Management Console
Subnet object needs to be created
48. to make shares at a remote location available to users you should implement this.
802.1.x NAP
Event Subscriptions
Domain based Distributed File System (DFS) namespace and DFS Replication.
Implement Windows System Resource Manager (WSRM) and configure user policies
49. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
djoin /requesteodj from internal server - djoin /provision from outside server/PC
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
50. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Raise the DFL to Windows Server 2008 R2.
Utilize IFM (Install From Media)
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
