SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
802.1.x NAP
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
2. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Implement Windows System Resource Manager (WSRM) and configure user policies
Active Directory Users and Computers utility
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
3. To restore deleted user account from AD Recycle Bin...
Implement folder redirection by using GPO. Then backup the folder redirection target.
Restore-ADObject cmdlet
Utilize IFM (Install From Media)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
4. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Basic Authentication and SSL
Configure folder redirection
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
An Active Directory subnet object needs to be created.
5. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Purchase one additional Enterprise License
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
MEDV to deploy virtual desktops
6. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Use a GPO to configure device installation restrictions
Implement Network Access Protection (NAP)
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Windows Deployment Services (WDS)
7. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Printer driver isolation
Passive file screens
FFL Windows Server 2008 R2
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
8. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
9. If you need to encrypt all data on all disks
Configure authorization rules for Web developers on each web server
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then use Windows BitLocker Drive Encryption
10. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
MEDV to deploy virtual desktops
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Raise the DFL to Windows Server 2008 R2.
Then use Windows Deployment Services (WDS) on DHCP1.
11. Minimal FFL needed to deploy an RODC that runs Windows Server 2008 R2...
Run net stop ntds
Windows Server 2003
Create and deploy a logon script that runs Auditpol.
Then use Windows BitLocker Drive Encryption
12. You need to relocate an AD LDS instance from C: Drive to D: Drive
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Offline domain join
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
13. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Purchase one additional Enterprise License
Configure block inheritance on the IT OU
Install Hyper-V role and convert physical machines into virtual machines
14. To be able to manage all the corporate servers from a workstation - you must install the
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Create and deploy a logon script that runs Auditpol.
Windows XP Mode
15. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Deploy it by using Group Policy Software Installation method
Then use Windows Deployment Services (WDS)
CAPublishGP group should have the Manage CA permission.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
16. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Site
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
17. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Attach VHD file created by Windows server backup
Test-AppLockerPolicy
18. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Domain based DFS namespace and configure a DFS replication group
Modify the local policy to point to the Internal WSUS server
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
19. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
Microsoft Application Virtualization (AppV)
Repadmin
Microsoft Desktop Optimization Pack (MDOP)
20. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Incoming external trust
Back up to an external USB drive by using Windows Server Backup
dnscmd
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
21. If you want to allow single-label name resolution
Purchase one additional Enterprise License
From Server A - run Create Basic Task Wizard
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Then configure GlobalNames zones on each domain controller.
22. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Share and Storage Management
Disable Site Link Bridging from the IP properties
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
23. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Active Directory Domains and Trusts
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
24. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
25. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
26. To defragment and AD database...
Deploy the Root CA certificate to the external computers.
Passive file screens
net stop ntds
Add the user to the Domain Admins global group
27. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Ldp
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Windows BitLocker Drive Encryption (Bit Locker)
Domain based Distributed File System (DFS) namespace and DFS Replication.
28. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
Back up to an external USB drive by using Windows Server Backup
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
29. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
WDS
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Active Directory Right Management Services (AD RMS)
31. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Then use Windows Deployment Services (WDS)
FFL Windows Server 2008 R2
Assign the application to all client computers by using a GPO.
Changed manually
32. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Recommend Offline Files
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Install the RSAT tool on their workstation to provide for more efficient network management
33. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Incoming external trust
Create an e-mail account in AD DS for your RMS users.
34. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Implement a GPO for each domain
Run adprep /forestprep and adprep /domainprep
NOT be able to store that data on an iSCSI SAN
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
35. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Windows System Resource Manager (WSRM)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Create and deploy a logon script that runs Auditpol.
Additional DFS Targets
36. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Enable Credential Roaming
Assign the application to computers in the PC OU
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Changed manually
37. to increase the reliability of the print server - configure...
Create a new Password Settings Object (PSO) for the IT users.
Implement Windows System Resource Manager (WSRM) and configure user policies
Printer driver isolation
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
38. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Run auditpol and then configure the Security settings of the Domain Controllers OU.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure caching on the shared folder (offline files)
39. To backup GPO's in domain and minimize bakcup...
Event Viewer
The Group Policy Management Console
Microsoft Application Virtualization (AppV)
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
40. To configure AD FS so tokens contain information from Active Directory domain...
New ACCOUNT STORE should be added and configured
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Install Windows Server Backup and modify the Windows firewall settings
41. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
From Server A - run Create Basic Task Wizard
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Event Log Subscriptions
Win2000
42. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Implement GPO for all client computers
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Windows System Resource Manager (WSRM)
43. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Incoming external trust
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Import-Module
Prestage the computer account in AD
44. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Set-ADServiceAccount cmdlet
djoin /requesteodj from internal server - djoin /provision from outside server/PC
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Include a server that runs Microsoft Office SharePoint Server 2010
45. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install Windows Server Backup and modify the Windows firewall settings
Run net stop ntds
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Storage manager for SANs
46. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Add-ADFineGrainedPasswordPolicySubject cmdlet
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Add the new UPN suffix to the forest.
47. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Add the new UPN suffix to the forest.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Registry on users computer needs to be modified
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
48. When deploying an application using the Group Policy distribution method assign the...
AD Rights Management Services
Ntdsutil
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
49. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Microsoft SharePoint Foundation 2010
Then use on install image file that contains a single install image.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
50. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Network Load Balancing (NLB)
Install and share a printer on a server and then enable printer pooling.
Dsmgmt
Create a standard secondary of domain and create standard secondary of other domain.
