SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Create a MEDV workspace
DFL needs to be Windows Server 2008
Microsoft Desktop Optimization Pack (MDOP) to your company
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
2. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Import-Module
Then install new Server 2008 R2 Enterprise subordinate CA.
Ntfrsutil
3. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Windows Server 2003
Back up to an external USB drive by using Windows Server Backup
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
4. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
Data Recovery Agent
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Perform an authoritative restore
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
5. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Then install new Server 2008 R2 Enterprise subordinate CA.
Deploy a failover cluster that uses Node and File Share Disk Majority
Ensure your account - or the group is a member of the local Administrators group for that specific server.
6. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Use a GPO to configure device installation restrictions
Creating a data collector set that kick off a scritp that either move or delete files.
IIS Manager user account
7. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Use a GPO to configure device installation restrictions
Raise the DFL to Windows Server 2008 R2.
Back up to an external USB drive by using Windows Server Backup
Purchase one additional Enterprise License
8. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Folder redirection. Folder redirection is also useful when using roamin profiles.
Raise the DFL to Windows Server 2008 R2.
Microsoft Application Virtualization (AppV)
9. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Implement Network Access Protection (NAP)
10. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
File Server Resource Manager (FSRM) quotas and file screens
From Server A - run Create Basic Task Wizard
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Test-AppLockerPolicy
11. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Create a standard secondary of domain and create standard secondary of other domain.
Enable Windows Remote Management (WinRM) on the servers.
Software Restriction Polices
12. You need a solution that meets policy while minimizing hardware and software costs
Configure Firewall Group Policies and link them at the Domain level
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement Windows BitLocker Drive Encryption (BitLocker)
Create a new Password Settings Object (PSO) for the IT users.
13. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Win2000
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Purchase one additional Enterprise License
14. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploy a failover cluster that uses Node and File Share Disk Majority
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
The Group Policy Management console
15. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows System Resource Manager (WSRM)
Microsoft System Center Data Protection Manager 2010
Windows Deployment Services (WDS)
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
16. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Modify the GPO to include folder redirection
Autonomous mode...This allows the local administrator to approve their own updates.
17. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
FFL Windows Server 2008 R2
Distributed File System (DFS) Replication
Install From Media IFM
18. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Test-AppLockerPolicy
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
19. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
dsa.msc - dsamain.exe - ntdsutil.exe
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Implement Windows BitLocker Drive Encryption (BitLocker)
20. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
AD RMS
Implement a Remote Desktop Connection Broker (RD Connection Broker)
21. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Windows XP Mode
Add the new UPN suffix to the forest.
Configure event log subscriptions
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
22. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Configure Audit Special Logon and define Special Groups
Add the user to the Domain Admins global group
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
23. To defragment and AD database...
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
A Distributed File System (DFS) namespace
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
net stop ntds
24. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
Winrm quickconfig
Install Hyper-V role and convert physical machines into virtual machines
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
25. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Assign the application to computers in the PC OU
26. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Import-Module
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
27. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Modify the schema of LDSInst1
Winrm quickconfig
28. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Assign the application to computers in the PC OU
Implement Windows System Resource Manager (WSRM) and configure user policies
The Group Policy Management Console
Implement a Remote Desktop Connection Broker (RD Connection Broker)
29. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
FFL Windows Server 2008 R2
Configure separate application pools for each application
Authorization Manager
Recommend GPT and basic disks
30. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Restore-ADObject cmdlet
31. To prevent account password from being cached on RODC server...
Implement the Windows Search Service.
Event Log Subscriptions
Purchase one additional Enterprise License
Modify properties of RODC server computer account.
32. To minimize the amount of storage required you should recommend
Share and Storage Management
Set-ADServiceAccount cmdlet
Restore-ADObject cmdlet
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
33. If you want to implement BitLocker and store recovery informaiton in a central location
Utilize IFM (Install From Media)
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Back up to an external USB drive by using Windows Server Backup
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
34. If you need to ensure that data is protected by BitLocker then you will...
Enable Windows Remote Management (WinRM) on each server.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
NOT be able to store that data on an iSCSI SAN
Modify the local policy to point to the Internal WSUS server
35. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Install From Media IFM
Active Directory Users and Computers utility
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
36. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
Active Directory Users and Computers
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
37. Striped volumes
Enable Credential Roaming
Improve the performance of File Servers
Implement Windows System Resource Manager (WSRM) and configure user policies
Deploy it by using Group Policy Software Installation method
38. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement Windows System Resource Manager (WSRM)
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Install From Media IFM
Recommend Group Policy preferences
39. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
40. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
41. PowerShell script to create user accounts with passwords from a file called password.csv
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Use Netsh tool from administrator's computer.
Use local roles options within "dsmgmt"
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
42. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Backup operator's domain local group
Add the new UPN suffix to the forest.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
43. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Implement a domain-based DFS namespace that uses replication
Attach VHD file created by Windows server backup
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
44. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
MEDV to deploy virtual desktops
CAPublishGP group should have the Manage CA permission.
Raise the DFL to Windows Server 2008 R2.
Dfsrdiag
45. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Microsoft Application Virtualization (AppV)
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Administrators is the minimum group membership required to complete this procedure.
46. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Dfsrdiag
Create a Central Store
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
47. To ensure that recovery is possible if a file on a file server is deleted accidentally
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Implement Shadow Copies
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Utilize IFM (Install From Media)
48. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Use a GPO to configure device installation restrictions
Domain based Distributed File System (DFS) will reduce network traffic
Repadmin
Network Load Balancing (NLB) cluster
49. To restore previous version of script without taking up too much of time...
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Attach VHD file created by Windows server backup
Implement Windows System Resource Manager (WSRM)
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
50. An AD LDS instance needs to be replicated from one server to another...
Multipath I/O feature
Service user account for AD LDS
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Modify the local policy to point to the Internal WSUS server