SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Implement Windows BitLocker Drive Encryption (BitLocker)
Basic Authentication and SSL
Then configure GlobalNames zones on each domain controller.
Implement folder redirection by using GPO. Then backup the folder redirection target.
2. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Dynamically expanding VHD's
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
CAPublishGP group should have the Manage CA permission.
Passive file screens
3. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Group Policy Preferences
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Deploy a GPO to the WebSrvOU
4. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
An Active Directory subnet object needs to be created.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Repadmin
Then configure GlobalNames zones on each domain controller.
5. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Install the RSAT tool on their workstation to provide for more efficient network management
From Server A - run Create Basic Task Wizard
Upgrading DFS to Windows Server 2008 R2
6. To be able to manage all the corporate servers from a workstation - you must install the
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Create an e-mail account in AD DS for your RMS users
7. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Restore-ADObject cmdlet
Configure caching on the shared folder (offline files)
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
8. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Prestage the computer account in AD
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
9. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Modify zone transfer settings for company.com zone on DCA
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Then use Windows Deployment Services (WDS) on DHCP1.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
10. If you need to ensure that data is protected by BitLocker then you will...
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Modify the schema of LDSInst1
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
NOT be able to store that data on an iSCSI SAN
11. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Implement GPO for all client computers
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Implement Distributed File System Replication (DFSR) on both servers
12. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Purchase one additional Enterprise License
Prestage the computer account in AD
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Backup operator's domain local group
13. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Dynamically expanding VHD's
Authorization Manager
FFL Windows Server 2008 R2
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
14. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Install Windows Server Backup and modify the Windows firewall settings
Implement Windows System Resource Manager (WSRM) and configure user policies
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Subnet object needs to be created
15. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Backup operator's domain local group
Assign the application to computers in the PC OU
Zone transfer settings
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
16. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
DSMOD
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
17. Auditing the deletion of Registry keys on all Domain Controllers
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
ntdsutil
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Create a new Password Settings Object (PSO) for the IT users.
18. FFL is...
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Win2000
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
19. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Autonomous mode...This allows the local administrator to approve their own updates.
Get-ADUser cmdlet
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Implement a domain-based DFS namespace that uses replication
20. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Then configure auto enrollment of certificates and Credential Roaming.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Purchase one additional Enterprise License
21. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Backup operator's domain local group
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Create a MEDV workspace
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
22. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
An Active Directory subnet object needs to be created.
Add the new UPN suffix to the forest.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Create a standard secondary of domain and create standard secondary of other domain.
23. To ensure that a file on a file server do not leave the organization you must implement this.
Data Recovery Agent
AD RMS
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Disable Site Link Bridging from IP Properties
24. To minimize the amount of storage required you should recommend
Administrative Role Separation
Changed manually
Share and Storage Management
Then install new Server 2008 R2 Enterprise subordinate CA.
25. To add a new UPN for all user accounts...
Upgrading DFS to Windows Server 2008 R2
fsconfig on FSSrv2
Deploy it by using Group Policy Software Installation method
AD Domains and Trusts
26. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Microsoft SharePoint Foundation 2010
Then install new Server 2008 R2 Enterprise subordinate CA.
27. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Disable Site Link Bridging from IP Properties
Recommend Group Policy preferences
Configure offline files and enable manual caching
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
28. To prevent account password from being cached on RODC server...
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Modify zone transfer settings for company.com zone on DCA
AD Rights Management Services
Modify properties of RODC server computer account.
29. To help restrict access to Windows 7 computer in the event that it gets stolen implement
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Create an Active Directory-Integrated zone.
Windows BitLocker Drive Encryption (Bit Locker)
DISABLE slow link detection in the GPO
30. Capture all replication errors from all your DCs to a central location...
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Configure event log subscriptions
Create an Active Directory-Integrated zone.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
31. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Add the new UPN Suffix to the forest
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Run the Delegation of Control Wizard on the Staff OU
32. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Execute the Set-ADServiceAccount cmdlet
Create a Network Load Balancing cluster.
Ldp
33. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Software Restriction Polices
Run adprep /forestprep and adprep /domainprep
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Microsoft Desktop Optimization Pack (MDOP) to your company
34. DFL is...
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure caching on the shared folder and configure offline files to use encryption
Win2000 Native
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
35. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Then configure GlobalNames zones on each domain controller.
Multipath I/O feature
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
36. To recover objects deleted from Active Directory you should recommend
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Winrm quickconfig
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Active Directory snapshots and Tombstone reanimation
37. Striped volumes
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Install Hyper-V role and convert physical machines into virtual machines
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Improve the performance of File Servers
38. In order to ensure highly available Windows Update servers you should create this.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Windows Deployment Services (WDS)
Create a new Password Settings Object (PSO) for the IT users.
39. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Implement Distributed File System Replication (DFSR) on both servers
Enable Windows Remote Management (WinRM) on each server.
Autonomous mode...This allows the local administrator to approve their own updates.
dnscmd tool
40. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Execute the Set-ADServiceAccount cmdlet
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Implement Windows System Resource Manager (WSRM)
41. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
Then configure GlobalNames zones on each domain controller.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement Shadow Copies
42. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Purchase one additional Enterprise License
Then use Windows Deployment Services (WDS)
Deploy it by using Group Policy Software Installation method
43. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Install From Media IFM
Subnet object needs to be created
Increase the tombstone lifetime for the forest.
Run adprep /forestprep and adprep /domainprep
44. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Then use Windows Deployment Services (WDS)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Share and Storage Management
45. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Ntdsutil
Import-Module
46. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Additional DFS Targets
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Configure caching on the shared folder and configure offline files to use encryption
47. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
Then use on install image file that contains a single install image.
A Distributed File System (DFS) namespace
Test-AppLockerPolicy
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
48. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
dsa.msc - dsamain.exe - ntdsutil.exe
Use a GPO to configure device installation restrictions
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Implement GPO for all client computers
49. to protect file servers and hard disks that may be at risk of being accessed or stolen
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
AD RMS
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Implement Windows BitLocker Drive Encryption (BitLocker)
50. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Configure event log subscriptions
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Implement the Windows Search Service.
Event Viewer
