SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Active Directory snapshots and Tombstone reanimation
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Implement GPO for all client computers
2. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Import-Module
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
PDC emulator with w32tm.exe
Implement Distributed File System Replication (DFSR) on both servers
3. To be able to user an application from one AD FS with authentication server to another...
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Add the user to the Domain Admins global group
Ensure your account - or the group is a member of the local Administrators group for that specific server.
A relying party trust should be created.
4. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Install and share a printer on a server and then enable printer pooling.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
5. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Administrators is the minimum group membership required to complete this procedure.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Dsmgmt
6. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
CAPublishGP group should have the Manage CA permission.
Ntdsutil
Deploy it by using Group Policy Software Installation method
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
7. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Enable Windows Remote Management (WinRM) on the servers.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Network Load Balancing (NLB)
Software Restriction Polices
8. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
802.1.x NAP
File Server Resource Manager (FSRM) quotas and file screens
Dsmgmt
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
9. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Domain based DFS namespace and configure a DFS replication group
Modify the schema of LDSInst1
Upgrading DFS to Windows Server 2008 R2
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
10. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Then install new Server 2008 R2 Enterprise subordinate CA.
From Server A - run Create Basic Task Wizard
11. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Network Load Balancing (NLB) cluster
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Your machine and remote desktops
12. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Deploy Microsoft System Center Operations Manager (SCOM)
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
13. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
MEDV to deploy virtual desktops
Implement a GPO for each domain
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
14. Enables you to receive emails when domain users locked out of accounts...
Active Directory snapshots and Tombstone reanimation
Event Viewer
Dsmgmt
Site
15. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Autonomous mode...This allows the local administrator to approve their own updates.
Additional DFS Targets
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
16. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Create an Active Directory-Integrated zone.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Active Directory Domains and Trusts
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
17. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Configure RODC for Administrator Role Separation
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
18. Jack and Jill go up the hill - both with a buck and a quarter
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Jill came down with 2.50.
dnscmd
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
19. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Ntdsutil
Create an e-mail account in AD DS for your RMS users.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
20. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Configure Firewall Group Policies and link them at the Domain level
DFL needs to be Windows Server 2008
Install From Media IFM
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
21. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Implement Distributed File System Replication (DFSR) on both servers
Modify zone transfer settings for company.com zone on DCA
22. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Upgrading DFS to Windows Server 2008 R2
Ntdsutil
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
The Group Policy Management Console
23. To minimize the amount of storage required you should recommend
Dfsrdiag
Win2000
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Share and Storage Management
24. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Ntfrsutil
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
25. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
NOT be able to store that data on an iSCSI SAN
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Share and Storage Management
26. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Implement Windows System Resource Manager (WSRM)
The Group Policy Management Console
Configure separate application pools for each application
27. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Dfsrdiag
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
An Active Directory subnet object needs to be created.
28. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Event Subscriptions
29. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Domain based Distributed File System (DFS) will reduce network traffic
Network Load Balancing (NLB) cluster
Raise the DFL to Windows Server 2008 R2.
30. What shold be done to configure AD RMS so users can protect their data?
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Create an e-mail account in AD DS for your RMS users
Zone transfer settings
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
31. Tool to change Directory Services Restore Mode password on Domain Controller...
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
View properties of %systemroot%ntdsntds.dit
ntdsutil
32. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Use the Local Roles options with dsmgmt.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Implement a GPO for each domain
Event Viewer
33. To prevent account password from being cached on RODC server...
Active Directory Users and Computers utility
Modify properties of RODC server computer account.
DSMOD
Install the RSAT tool on their workstation to provide for more efficient network management
34. You need to deploy a sales application that only the sales users must have access to
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Deploy a GPO for the Sales OU
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
35. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
IIS Chared Configuration
Implement one LUN for the quorum and another LUN for the data
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Enable Windows Remote Management (WinRM) on the servers.
36. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Modify the schema of LDSInst1
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Then use Windows Deployment Services (WDS) on DHCP1.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
37. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Administrative Role Separation
Dfsrdiag
38. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
39. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install and share a printer on a server and then enable printer pooling.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
40. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Configure Audit Special Logon and define Special Groups
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
41. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Microsoft Desktop Optimization Pack (MDOP) to your company
Set-ADServiceAccount cmdlet
Create a new Password Settings Object (PSO) for the IT users.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
42. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Software Restriction Polices
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
WSUS server in the branch office in replica mode.
43. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Create a new Password Settings Object (PSO) for the IT users.
Event Viewer
Configure offline files and enable manual caching
Then use on install image file that contains a single install image.
44. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Microsoft Desktop Optimization Pack (MDOP) to your company
Use a GPO to configure device installation restrictions
IIS Chared Configuration
Configure block inheritance on the IT OU
45. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
46. To create and additional AD LDS applicaiton directory partition in existing instance...
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Ldp
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
47. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
DFL needs to be Windows Server 2008
Deploy a failover cluster that contains one node in each office.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Refresh the zone on DNS2
48. If subnets are connected by CISCO router that is RFC-1542 compliant
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Domain based DFS namespace and configure a DFS replication group
Modify the local policy to point to the Internal WSUS server
Use CISCO IP Helper command to configure.
49. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Add the Windows Server Backup feature and Windows System Image recovery.
Back up to an external USB drive by using Windows Server Backup
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
50. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Configure Audit Special Logon and define Special Groups
Implement Shadow Copies
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
