Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Perform an authoritative restore
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Winrm quickconfig

2. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Ntfrsutil
Registry on users computer needs to be modified
MEDV to deploy virtual desktops
Autonomous mode...This allows the local administrator to approve their own updates.

3. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
The Group Policy Management console
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
802.1.x NAP
Configure offline files and enable manual caching

4. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Administrators is the minimum group membership required to complete this procedure.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Configure block inheritance on the IT OU
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.

5. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
FFL Windows Server 2008 R2
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Create an e-mail account in AD DS for your RMS users.
Enable Credential Roaming

6. What shold be done to configure AD RMS so users can protect their data?
Run net stop ntds
dnscmd tool
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Create an e-mail account in AD DS for your RMS users

7. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Then use Windows Deployment Services (WDS) on DHCP1.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Software Restriction Polices
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations

8. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Windows Server 2003
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Use the Local Roles options with dsmgmt.
Implement one LUN for the quorum and another LUN for the data

9. To create AD Domain Services snapshot
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Ntdsutil

10. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

11. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
A relying party trust should be created.
dsa.msc - dsamain.exe - ntdsutil.exe
Create a new Password Settings Object (PSO) for the IT users.

12. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Attach VHD file created by Windows server backup
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement a GPO for each domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

13. The strongest form of NAP is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Perform an authoritative restore
Create a MEDV workspace
Properties of PSO need modified

14. If you want to implement BitLocker and store recovery informaiton in a central location
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
CAPublishGP group should have the Manage CA permission.
File Server Resource Manager (FSRM) quotas and file screens

15. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
WDS
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

16. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Certificate Templates
Ensure your account - or the group is a member of the local Administrators group for that specific server.
ntdsutil
Recommend Group Policy preferences

17. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
IIS Manager user account
Active Directory snapshots and Tombstone reanimation
Event Log Subscriptions

18. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Changed manually
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
From Server1 - run the Create Basic Task Wizard

19. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
net stop ntds
Dfsrdiag
View properties of %systemroot%ntdsntds.dit

20. What utility is used to see what accounts cached on RODC?
Active Directory Right Management Services (AD RMS)
Active Directory Users and Computers
Implement folder redirection by using GPO. Then backup the folder redirection target.
Configure Firewall Group Policies and link them at the Domain level

21. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Use Netsh tool from administrator's computer.
Configure Audit Special Logon and define Special Groups
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

22. To allow connection to a 256 Kbps ISDN...
DISABLE slow link detection in the GPO
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Test-AppLockerPolicy

23. To build a highly secure server cluster with a reduced attack surface area
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Microsoft Application Virtualization (AppV)
Set-ADServiceAccount cmdlet
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

24. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Event Viewer
Install From Media IFM
Microsoft Desktop Optimization Pack (MDOP) to your company
Microsoft System Center Data Protection Manager 2010

25. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Modify the schema of LDSInst1
Registry on users computer needs to be modified
Microsoft System Center Data Protection Manager
Enable Windows Remote Management (WinRM) on the servers.

26. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Configure separate application pools for each application
Perform an authoritative restore
Ntfrsutil
Win2000

27. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

28. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Implement Windows BitLocker Drive Encryption (BitLocker)
Import-Module
Raise the DFL to Windows Server 2008 R2.

29. To be able to manage all the corporate servers from a workstation - you must install the
Configure RODC for Administrator Role Separation
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Passive file screens
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

30. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Disable Site Link Bridging from IP Properties
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Service user account for AD LDS

31. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Deploy it by using Group Policy Software Installation method
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

32. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Configure Firewall Group Policies and link them at the Domain level
Raise the DFL to Windows Server 2008 R2.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.

33. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
FFL Windows Server 2008 R2
Microsoft System Center Data Protection Manager 2010

34. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Microsoft SharePoint Foundation 2010
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

35. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement one LUN for the quorum and another LUN for the data
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure caching on the shared folder and configure offline files to use encryption
Active Directory snapshots and Tombstone reanimation

36. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Create and deploy a logon script that runs Auditpol.
Encrypting File System (EFS). This can be enabled locally or through a GPO.

37. If you need to ensure that data is protected by BitLocker then you will...
NOT be able to store that data on an iSCSI SAN
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Disable Site Link Bridging from the IP properties
Dfsrdiag

38. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Add the Windows Server Backup feature and Windows System Image recovery.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Domain based Distributed File System (DFS) will reduce network traffic

39. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Then configure GlobalNames zones on each domain controller.
Run the Delegation of Control Wizard on the Staff OU
Install the RSAT tool on their workstation to provide for more efficient network management

40. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
Increase the tombstone lifetime for the forest.
Refresh the zone on DNS2
Data Recovery Agent

41. When deploying an application using the Group Policy distribution method assign the...
Offline domain join
Network Load Balancing (NLB) cluster
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
A Distributed File System (DFS) namespace

42. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Create an e-mail account in AD DS for your RMS users
Subnet object needs to be created
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

43. What should be done to ensure changes made to AD objects can be logged?
Win2000
Then configure auto enrollment of certificates and Credential Roaming.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU

44. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Increase the tombstone lifetime for the forest.
Configure folder redirection
Implement GPO for all client computers

45. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Recommend GPT and basic disks
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Create an e-mail account in AD DS for your RMS users.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.

46. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
fsconfig on FSSrv2
PowerShell 2.0
Disable Site Link Bridging from the IP properties
The Group Policy Management Console

47. If users complain that it is hard to find the shared folders on the network implement
Additional DFS Targets
Refresh the zone on DNS2
Install and share a printer on a server and then enable printer pooling.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations

48. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Then use Windows Deployment Services (WDS)
DSMOD
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)

49. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Ldp
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.

50. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183