SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A specific application requires registry modifications to be in place before installing; you should use
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Group Policy Preferences
New ACCOUNT STORE should be added and configured
Run auditpol and then configure the Security settings of the Domain Controllers OU.
2. For the users that work remotely that need access to files from the corporate office you should...
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Recommend Offline Files
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
3. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Dfsrdiag
Distributed File System (DFS) Replication
4. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
File Server Resource Manager (FSRM) quotas and file screens
5. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Your machine and remote desktops
Disable Site Link Bridging from IP Properties
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Then use Windows Deployment Services (WDS) on DHCP1.
6. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Active Directory Users and Computers utility
7. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Subnet object needs to be created
AD Rights Management Services
Test-AppLockerPolicy
Configure block inheritance on the IT OU
8. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Add-ADFineGrainedPasswordPolicySubject cmdlet
Ntfrsutil
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Configure RODC for Administrator Role Separation
9. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Implement Shadow Copies
NOT be able to store that data on an iSCSI SAN
Improve the performance of File Servers
10. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Active Directory snapshots and Tombstone reanimation
Offline domain join
Recommend GPT and basic disks
Use local roles options within "dsmgmt"
11. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Deploy a failover cluster that contains one node in each office.
Properties of PSO need modified
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Domain based Distributed File System (DFS) will reduce network traffic
12. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Autonomous mode...This allows the local administrator to approve their own updates.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Storage manager for SANs
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
13. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Implement Shadow Copies
Repadmin
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
14. File that contains the last logon time and custom attributes values for each user in your forest.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Create an e-mail account in AD DS for your RMS users
Get-ADUser cmdlet
Create a standard secondary of domain and create standard secondary of other domain.
15. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Install From Media IFM
Implement a GPO for each domain
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
16. To build a highly secure server cluster with a reduced attack surface area
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Service user account for AD LDS
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Modify the local policy to point to the Internal WSUS server
17. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Additional DFS Targets
18. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Implement folder redirection by using GPO. Then backup the folder redirection target.
Winrm quickconfig
Modify the schema of LDSInst1
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
19. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Backup operator's domain local group
Increase the tombstone lifetime for the forest.
dnscmd
20. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Implement Distributed File System Replication (DFSR) on both servers
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
PDC emulator with w32tm.exe
A Distributed File System (DFS) namespace
21. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Implement a domain-based DFS namespace that uses replication
Configure caching on the shared folder and configure offline files to use encryption
Test-AppLockerPolicy
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
22. To allow a specifc user or group to manage the address information for the user accounts...
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Recommend Active Directory delegation
Implement a Remote Desktop Connection Broker (RD Connection Broker)
23. To backup Virtual Machines
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Authorization Manager role assignment
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Microsoft SharePoint Foundation 2010
24. to make shares at a remote location available to users you should implement this.
Enable Credential Roaming
Domain based Distributed File System (DFS) namespace and DFS Replication.
Recommend GPT and basic disks
Improve the performance of File Servers
25. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Windows System Resource Manager (WSRM)
26. You need to design your WSUS infrastructure so that updates are highly available. To do so
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
27. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Raise the DFL to Windows Server 2008 R2.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Create an e-mail account in AD DS for your RMS users
Microsoft Desktop Optimization Pack (MDOP) to your company
28. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Deploy it by using Group Policy Software Installation method
802.1.x NAP
AD Domains and Trusts
MEDV to deploy virtual desktops
29. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
File Server Resource Manager (FSRM) quotas and file screens
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
30. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Configure Audit Special Logon and define Special Groups
Repadmin
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
31. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
File Server Resource Manager (FSRM) quotas and file screens
Then install new Server 2008 R2 Enterprise subordinate CA.
Passive file screens
Install From Media IFM
32. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Storage manager for SANs
Get-ADUser cmdlet
Software Restriction Polices
33. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
Backup operator's domain local group
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Recommend Offline Files
34. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Create a Central Store
Dfsrdiag
Group Policy Preferences
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
35. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Disable Site Link Bridging from the IP properties
Deploy a failover cluster that uses Node and File Share Disk Majority
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Create an e-mail account in AD DS for your RMS users.
36. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Group Policy Preferences
Install Hyper-V role and convert physical machines into virtual machines
Properties of PSO need modified
37. To defragment and AD database...
Perform an authoritative restore
Win2000 Native
net stop ntds
Repadmin
38. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Recommend GPT and basic disks
Domain based DFS namespace and configure a DFS replication group
FILES option within Ntdsutil
39. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Deploy Microsoft System Center Operations Manager (SCOM)
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
40. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
FFL Windows Server 2008 R2
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
41. To restore deleted user account from AD Recycle Bin...
Modify the GPO to include folder redirection
dnscmd tool
Administrators is the minimum group membership required to complete this procedure.
Restore-ADObject cmdlet
42. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Configure offline files and enable manual caching
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Add George to the Domain Admins group.
Implement Windows System Resource Manager (WSRM)
43. You need to recommend a BitLocker recovery method you should recommend this.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Deploy a GPO for the Sales OU
Data Recovery Agent
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
44. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
View properties of %systemroot%ntdsntds.dit
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Configure RODC for Administrator Role Separation
IIS Chared Configuration
45. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
The Group Policy Management console
Install the RSAT tool on their workstation to provide for more efficient network management
Configure event log subscriptions
46. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Multipath I/O feature
Authorization Manager role assignment
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
47. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Microsoft Application Virtualization (AppV)
48. You need a solution that meets policy while minimizing hardware and software costs
Implement a domain-based DFS namespace that uses replication
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Create a new Password Settings Object (PSO) for the IT users.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
49. To configure AD FS so tokens contain information from Active Directory domain...
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Dsmgmt
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
New ACCOUNT STORE should be added and configured
50. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Create a new Password Settings Object (PSO) for the IT users.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Changed manually
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
