Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. In order to manage websites without having to logon you can use
PowerShell 2.0
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

2. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Add the new UPN suffix to the forest.
Storage manager for SANs
Dfsrdiag
Add the Windows Server Backup feature and Windows System Image recovery.

3. To add a server with AD FS 2.0 role to an existing AD FS farm...
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
fsconfig on FSSrv2
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Multipath I/O feature

4. 4 steps to perform offline Defragmentation of AD database...
Modify the local policy to point to the Internal WSUS server
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service

5. to protect file servers and hard disks that may be at risk of being accessed or stolen
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Implement Windows BitLocker Drive Encryption (BitLocker)
Microsoft SharePoint Foundation 2010

6. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Folder redirection. Folder redirection is also useful when using roamin profiles.
802.1.x NAP
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)

7. If you need to be able to create shared folders on Server 2008 R2
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Get-ADUser cmdlet
Raise the DFL to Windows Server 2008 R2.

8. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Create a MEDV workspace
Install Windows Server Backup and modify the Windows firewall settings
Changed manually
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.

9. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

10. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Windows XP Mode
Recommend Group Policy preferences
Event Log Subscriptions
From Server1 - run the Create Basic Task Wizard

11. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

12. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Restore-ADObject cmdlet
Site
CAPublishGP group should have the Manage CA permission.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

13. You need to allow a user to add a single computer to a domain - without any additional rights...
AD Rights Management Services
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Implement Windows System Resource Manager (WSRM)
Prestage the computer account in AD

14. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Assign the application to all client computers by using a GPO.

15. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
A Distributed File System (DFS) namespace
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

16. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Group Policy Preferences
Implement one LUN for the quorum and another LUN for the data
Configure folder redirection
Install From Media IFM

17. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Group Policy Preferences
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.

18. Striped volumes
Modify the GPO to include folder redirection
Improve the performance of File Servers
Install Hyper-V role and convert physical machines into virtual machines
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.

19. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Implement Distributed File System Replication (DFSR) on both servers
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Administrative Role Separation

20. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Run net stop ntds
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Deploy it by using Group Policy Software Installation method

21. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
WSUS server in the branch office in replica mode.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
DSMOD - ADUC
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

22. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Create a MEDV workspace
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

23. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Disable Site Link Bridging from IP Properties
Creating a data collector set that kick off a scritp that either move or delete files.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.

24. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Use local roles options within "dsmgmt"

25. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Implement a GPO for each domain
Administrators is the minimum group membership required to complete this procedure.
Ntdsutil
Ensure your account - or the group is a member of the local Administrators group for that specific server.

26. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Implement Windows System Resource Manager (WSRM) and configure user policies
Enable Windows Remote Management (WinRM) on each server.
Network Load Balancing (NLB) cluster

27. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
AD RMS
Role Separation
Jill came down with 2.50.
dsa.msc - dsamain.exe - ntdsutil.exe

28. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Create a MEDV workspace
FILES option within Ntdsutil
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.

29. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Implement the Windows Search Service.
Add the user to the Domain Admins global group
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Modify the local policy to point to the Internal WSUS server

30. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Improve the performance of File Servers
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Deploy a GPO for the Sales OU
Jill came down with 2.50.

31. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Enable Windows Remote Management (WinRM) on each server.
Modify the schema of LDSInst1

32. To deploy templates across the organization
Windows System Resource Manager (WSRM)
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

33. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Attach VHD file created by Windows server backup
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

34. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Enable Windows Remote Management (WinRM) on the servers.

35. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Refresh the zone on DNS2
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

36. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
ntdsutil
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Win2000
Deploy a GPO to the WebSrvOU

37. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Microsoft Desktop Optimization Pack (MDOP)
Network Load Balancing (NLB) cluster
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Ensure your account - or the group is a member of the local Administrators group for that specific server.

38. Auditing the deletion of Registry keys on all Domain Controllers
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Additional DFS Targets

39. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
Add-ADFineGrainedPasswordPolicySubject cmdlet
Implement a Remote Desktop Connection Broker (RD Connection Broker)
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1

40. To ensure that a file on a file server do not leave the organization you must implement this.
Active Directory Domains and Trusts
Dynamically expanding VHD's
AD RMS
Use CISCO IP Helper command to configure.

41. Need to access some resources in another domain that is part of another forest...What trust is created?
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Passive file screens
Incoming external trust
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.

42. FFL is...
Win2000
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Windows XP Mode
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office

43. To restore previous version of script without taking up too much of time...
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Implement Shadow Copies
Attach VHD file created by Windows server backup

44. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Enable - ADoptionalFeature cmdlet
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Dsmgmt

45. DFL is...
Then install new Server 2008 R2 Enterprise subordinate CA.
Win2000 Native
dnscmd tool
Active Directory snapshots and Tombstone reanimation

46. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Then use on install image file that contains a single install image.
Test-AppLockerPolicy
Import-Module
NOT be able to store that data on an iSCSI SAN

47. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Test-AppLockerPolicy
Active Directory Users and Computers utility
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

48. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Implement Distributed File System Replication (DFSR) on both servers
Then configure auto enrollment of certificates and Credential Roaming.

49. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Implement the Windows Search Service.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Distributed File System (DFS) Replication
A relying party trust should be created.

50. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183