Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To defragment and AD database...
net stop ntds
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Recommend Group Policy preferences

2. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

3. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Back up to an external USB drive by using Windows Server Backup
Certificate Templates
Active Directory snapshots and Tombstone reanimation
Configure Firewall Group Policies and link them at the Domain level

4. What role to keep same time as an external server?
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
PDC emulator with w32tm.exe
Create a standard secondary of domain and create standard secondary of other domain.
Use CISCO IP Helper command to configure.

5. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Event Log Subscriptions
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Test-AppLockerPolicy
Dsmgmt

6. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Then use Windows Deployment Services (WDS) on DHCP1.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

7. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Modify the local policy to point to the Internal WSUS server
Backup operator's domain local group
Multipath I/O feature

8. Striped volumes
Service user account for AD LDS
Improve the performance of File Servers
dsa.msc - dsamain.exe - ntdsutil.exe
PowerShell 2.0

9. New Password Policy needs to be created for OU different from domain password policy
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Service user account for AD LDS
AD Rights Management Services
Active Directory Right Management Services (AD RMS)

10. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
802.1.x NAP
Deploy a failover cluster that uses Node and File Share Disk Majority

11. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Import-Module
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Active Directory Users and Computers
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

12. You need to ensure that the guest account on all servers is disabled to
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
MEDV to deploy virtual desktops
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Discover the run Microsoft Baseline Security Analyzer (MBSA)

13. to protect file servers and hard disks that may be at risk of being accessed or stolen
Authorization Manager role assignment
Implement Windows BitLocker Drive Encryption (BitLocker)
Add the Windows Server Backup feature and Windows System Image recovery.
Create a Central Store

14. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Deploy it by using Group Policy Software Installation method
IIS Chared Configuration
Implement Shadow Copies

15. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Software Restriction Polices
CAPublishGP group should have the Manage CA permission.
Purchase one additional Enterprise License
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

16. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Deploy a GPO for the Sales OU
Windows System Resource Manager (WSRM)
WDS
Install and share a printer on a server and then enable printer pooling.

17. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
WDS
Enable Windows Remote Management (WinRM) on the servers.

18. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Windows Deployment Services (WDS)
Microsoft Desktop Optimization Pack (MDOP)

19. DFL is...
Network Load Balancing (NLB)
Win2000 Native
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Configure Firewall Group Policies and link them at the Domain level

20. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Test-AppLockerPolicy
Utilize IFM (Install From Media)
Configure offline files and enable manual caching
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.

21. To backup GPO's in domain and minimize bakcup...
Software Restriction Polices
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
The Group Policy Management Console

22. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
DSMOD - ADUC
Then configure auto enrollment of certificates and Credential Roaming.
Add the new UPN Suffix to the forest
Microsoft System Center Data Protection Manager 2010

23. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
CAPublishGP group should have the Manage CA permission.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

24. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
dnscmd tool
Network Load Balancing (NLB) cluster
Increase the tombstone lifetime for the forest.

25. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Additional DFS Targets
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

26. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Use CISCO IP Helper command to configure.
DSMOD
Disable Site Link Bridging from the IP properties
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

27. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
AD Domains and Trusts
Network Load Balancing (NLB)
Creating a data collector set that kick off a scritp that either move or delete files.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.

28. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Software Restriction Polices
Implement the Windows Search Service.
Increase the tombstone lifetime for the forest.

29. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Attach VHD file created by Windows server backup
Multipath I/O feature
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster

30. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
Modify the GPO to include folder redirection
DFL needs to be Windows Server 2008
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}

31. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Event Subscriptions
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Test-AppLockerPolicy

32. To ensure that a file on a file server do not leave the organization you must implement this.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Microsoft System Center Data Protection Manager 2010
net stop ntds
AD RMS

33. GPO setting to prevent all users from running an application
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Software Restriction Polices
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Include a server that runs Microsoft Office SharePoint Server 2010

34. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Configure the zone as an Activde Directory-Integrated zone.
Modify the local policy to point to the Internal WSUS server
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.

35. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement a GPO for each domain
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Ntdsutil

36. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Deploy the Root CA certificate to the external computers.
Install From Media IFM
Microsoft SharePoint Foundation 2010
Changed manually

37. To restore previous version of script without taking up too much of time...
Install the RSAT tool on their workstation to provide for more efficient network management
Group Policy Preferences
Attach VHD file created by Windows server backup
Microsoft Application Virtualization (AppV)

38. If you need to ensure that data is protected by BitLocker then you will...
Implement Shadow Copies
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
NOT be able to store that data on an iSCSI SAN
Install Microsoft Secure Socket Tunneling Protocol (SSTP)

39. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Network Load Balancing (NLB)
Create a Network Load Balancing cluster.
Active Directory Domains and Trusts

40. You need to design your WSUS infrastructure so that updates are highly available. To do so
ntdsutil
Recommend Offline Files
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

41. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO

42. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
From Server A - run Create Basic Task Wizard
Run adprep /forestprep and adprep /domainprep
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations

43. to make shares at a remote location available to users you should implement this.
Domain based Distributed File System (DFS) namespace and DFS Replication.
MEDV to deploy virtual desktops
Event Log Subscriptions
Then configure GlobalNames zones on each domain controller.

44. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Active Directory Users and Computers
Configure RODC for Administrator Role Separation
Create an Active Directory-Integrated zone.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.

45. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Active Directory Users and Computers
Windows XP Mode
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.

46. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Implement a GPO for each domain
Winrm quickconfig
Attach VHD file created by Windows server backup
Install Windows Server Backup and modify the Windows firewall settings

47. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Install and share a printer on a server and then enable printer pooling.
Use CISCO IP Helper command to configure.
From Server1 - run the Create Basic Task Wizard
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1

48. Tool to change Directory Services Restore Mode password on Domain Controller...
ntdsutil
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Then configure GlobalNames zones on each domain controller.

49. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Implement Network Access Protection (NAP)
Import-Module
Active Directory Users and Computers
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).

50. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Assign the application to all client computers by using a GPO.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.