SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Can be used to install the Windows RE on existing servers
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
WDS
Microsoft System Center Data Protection Manager
2. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Implement a domain-based DFS namespace that uses replication
Configure separate application pools for each application
Authorization Manager role assignment
Install and share a printer on a server and then enable printer pooling.
3. When recommending a monitoring solution for an application so that it's events can be stored in a central
Configure RODC for Administrator Role Separation
Install Hyper-V role and convert physical machines into virtual machines
Winrm quickconfig
Event Subscriptions
4. When one needs to audit files - folders - printers and the registry enable
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Configure block inheritance on the IT OU
AD Domains and Trusts
Properties of PSO need modified
5. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
MEDV to deploy virtual desktops
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Properties of PSO need modified
Modify the GPO to include folder redirection
6. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Configure folder redirection
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
PowerShell 2.0
7. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Create an Active Directory-Integrated zone.
8. You need to ensure that the guest account on all servers is disabled to
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Add the user to the Domain Admins global group
9. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
10. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Use a GPO to configure device installation restrictions
Create a Central Store
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
11. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Data Recovery Agent
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
12. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Set-ADServiceAccount cmdlet
Prestage the computer account in AD
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
13. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Then configure GlobalNames zones on each domain controller.
Run the Delegation of Control Wizard on the Staff OU
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
14. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Use local roles options within "dsmgmt"
CAPublishGP group should have the Manage CA permission.
AD Domains and Trusts
15. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Implement Shadow Copies
Active Directory Right Management Services (AD RMS)
Jill came down with 2.50.
16. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Deploy it by using Group Policy Software Installation method
Back up to an external USB drive by using Windows Server Backup
Configure Audit Special Logon and define Special Groups
Configure Firewall Group Policies and link them at the Domain level
17. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
18. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
A Distributed File System (DFS) namespace
Deploy a failover cluster that uses Node and File Share Disk Majority
Event Log Subscriptions
Implement Windows System Resource Manager (WSRM) and configure user policies
19. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Install Hyper-V role and convert physical machines into virtual machines
Microsoft System Center Data Protection Manager
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
20. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
IIS Chared Configuration
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Ntfrsutil
Run adprep /forestprep and adprep /domainprep
21. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Then install new Server 2008 R2 Enterprise subordinate CA.
Network Load Balancing (NLB) cluster
Upgrading DFS to Windows Server 2008 R2
Win2000 Native
22. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Backup operator's domain local group
The Group Policy Management console
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
23. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Run adprep /forestprep and adprep /domainprep
Create a Central Store
Windows System Resource Manager (WSRM)
Upgrading DFS to Windows Server 2008 R2
24. Striped volumes
Improve the performance of File Servers
Run adprep /forestprep and adprep /domainprep
Domain based DFS namespace and configure a DFS replication group
Add the new UPN suffix to the forest.
25. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Create and deploy a logon script that runs Auditpol.
Modify zone transfer settings for company.com zone on DCA
Assign the application to computers in the PC OU
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
26. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Windows System Resource Manager (WSRM)
Create a MEDV workspace
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
27. To restore deleted user account from AD Recycle Bin...
Software Restriction Polices
Restore-ADObject cmdlet
Active Directory Users and Computers utility
Active Directory Domains and Trusts
28. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Then configure auto enrollment of certificates and Credential Roaming.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Recommend Group Policy preferences
29. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
Deploy a GPO for the Sales OU
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
DSMOD
Enable - ADoptionalFeature cmdlet
30. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Create a MEDV workspace
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
31. UPN Suffix xxxx.com needs to be available for user accounts...
Enable Credential Roaming
Implement one LUN for the quorum and another LUN for the data
Add the new UPN Suffix to the forest
A Distributed File System (DFS) namespace
32. To create and additional AD LDS applicaiton directory partition in existing instance...
Ldp
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Perform an authoritative restore
33. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Create a new Password Settings Object (PSO) for the IT users.
Use the Local Roles options with dsmgmt.
34. Enables you to receive emails when domain users locked out of accounts...
Windows XP Mode
Dsmgmt
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Event Viewer
35. What role to keep same time as an external server?
Test-AppLockerPolicy
Passive file screens
PDC emulator with w32tm.exe
Deploy the Root CA certificate to the external computers.
36. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Then use on install image file that contains a single install image.
IIS Manager user account
Implement folder redirection by using GPO. Then backup the folder redirection target.
Windows Server 2003
37. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
dnscmd tool
Implement Distributed File System Replication (DFSR) on both servers
38. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
39. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
IIS Manager user account
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Deploy a GPO for the Sales OU
40. To update ADRMS password...
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Upgrading DFS to Windows Server 2008 R2
AD Rights Management Services
Creating a data collector set that kick off a scritp that either move or delete files.
41. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Event Subscriptions
Implement the Windows Search Service.
Dfsrdiag
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
43. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Deploy a GPO for the Sales OU
Deploy Microsoft System Center Operations Manager (SCOM)
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
44. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
IIS Chared Configuration
45. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Enable Credential Roaming
Win2000 Native
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Windows System Resource Manager (WSRM)
46. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Additional DFS Targets
Perform an authoritative restore
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
47. Auditing the deletion of Registry keys on all Domain Controllers
Disable Site Link Bridging from the IP properties
Network Load Balancing (NLB)
Increase the tombstone lifetime for the forest.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
48. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Multipath I/O feature
Microsoft Desktop Optimization Pack (MDOP)
49. If you need to encrypt all data on all disks
Execute the Set-ADServiceAccount cmdlet
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Authorization Manager
Then use Windows BitLocker Drive Encryption
50. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
