Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To delegate authority to users to manage only certain areas in Hyper-V use the
Modify properties of RODC server computer account.
Set-ADServiceAccount cmdlet
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Authorization Manager role assignment

2. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Modify the local policy to point to the Internal WSUS server
Printer driver isolation

3. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Passive file screens
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Assign the application to computers in the PC OU

4. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
fsconfig on FSSrv2
Passive file screens
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

5. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Basic Authentication and SSL
Include a server that runs Microsoft Office SharePoint Server 2010
Windows XP Mode
Create ADMX and ADML files. Configure the GPO and link it to the domain.

6. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Add the Windows Server Backup feature and Windows System Image recovery.
Certificate Templates
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

7. Enables you to receive emails when domain users locked out of accounts...
Microsoft System Center Data Protection Manager 2010
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Event Viewer
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

8. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Domain based DFS namespace and configure a DFS replication group
Test-AppLockerPolicy
WSUS server in the branch office in replica mode.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events

9. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Windows XP Mode
The Group Policy Management console

10. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Windows XP Mode
Service user account for AD LDS
Domain based Distributed File System (DFS) namespace and DFS Replication.

11. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Role Separation
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Reinstall AD DS on DCC.company.com as a WRITABLE DC.

12. In order to manage websites without having to logon you can use
PowerShell 2.0
Microsoft SharePoint Foundation 2010
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Discover the run Microsoft Baseline Security Analyzer (MBSA)

13. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Use Netsh tool from administrator's computer.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.

14. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Printer driver isolation
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Implement one LUN for the quorum and another LUN for the data

15. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Test-AppLockerPolicy
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.

16. If users complain that it is hard to find the shared folders on the network implement
Add the new UPN Suffix to the forest
Additional DFS Targets
Group Policy Preferences
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie

17. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Assign the application to all client computers by using a GPO.
Create a Central Store
Certificate Templates

18. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Implement the Windows Search Service.
Implement Shadow Copies

19. to increase the reliability of the print server - configure...
Printer driver isolation
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Data Recovery Agent

20. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Winrm quickconfig
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Software Restriction Polices

21. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Enable Windows Remote Management (WinRM) on the servers.
Add the new UPN suffix to the forest.
Create an Active Directory-Integrated zone.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.

22. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Group Policy Preferences
Implement a Remote Desktop Connection Broker (RD Connection Broker)
IIS Chared Configuration

23. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Windows BitLocker Drive Encryption (Bit Locker)
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Offline domain join

24. You need a solution that meets policy while minimizing hardware and software costs
View properties of %systemroot%ntdsntds.dit
Then configure auto enrollment of certificates and Credential Roaming.
Create a new Password Settings Object (PSO) for the IT users.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

25. To add a new UPN for all user accounts...
Active Directory Domains and Trusts
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
AD Domains and Trusts

26. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Add-ADFineGrainedPasswordPolicySubject cmdlet
Create a standard secondary of domain and create standard secondary of other domain.

27. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

28. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Implement Distributed File System Replication (DFSR) on both servers
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.

29. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Ntfrsutil

30. When service account passwords need to be changed for SQL they should be...
Then install new Server 2008 R2 Enterprise subordinate CA.
Test-AppLockerPolicy
Changed manually
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster

31. To allow a user to administer Active Directory
Add the user to the Domain Admins global group
Test-AppLockerPolicy
AD Domains and Trusts
Deploy a GPO to the WebSrvOU

32. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Implement the Windows Search Service.
Upgrading DFS to Windows Server 2008 R2
Back up to an external USB drive by using Windows Server Backup
Jill came down with 2.50.

33. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Share and Storage Management
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

34. To create and additional AD LDS applicaiton directory partition in existing instance...
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Attach VHD file created by Windows server backup
Get-ADUser cmdlet
Ldp

35. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Data Recovery Agent
Windows Deployment Services (WDS)
The Group Policy Management console
Microsoft Application Virtualization (AppV)

36. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure block inheritance on the IT OU
Upgrading DFS to Windows Server 2008 R2
Enable Windows Remote Management (WinRM) on the servers.

37. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Use a GPO to configure device installation restrictions
DISABLE slow link detection in the GPO
Include a server that runs Microsoft Office SharePoint Server 2010

38. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure Firewall Group Policies and link them at the Domain level
An Active Directory subnet object needs to be created.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.

39. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Domain based Distributed File System (DFS) will reduce network traffic
Active Directory snapshots and Tombstone reanimation
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

40. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Configure an audit policy by editing the default domain policy and configure Event Forwarding
dsa.msc - dsamain.exe - ntdsutil.exe

41. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Install From Media IFM
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

42. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Run the Delegation of Control Wizard on the Staff OU
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Implement Windows System Resource Manager (WSRM) and configure user policies

43. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
ntdsutil
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

44. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Event Subscriptions
Your machine and remote desktops
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
ntdsutil

45. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Then configure auto enrollment of certificates and Credential Roaming.
Enable - ADoptionalFeature cmdlet
Authorization Manager
Reinstall AD DS on DCC.company.com as a WRITABLE DC.

46. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Use the Local Roles options with dsmgmt.
Use local roles options within "dsmgmt"
Increase the tombstone lifetime for the forest.
Certificate Templates

47. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Configure the zone as an Activde Directory-Integrated zone.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.

48. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Recommend GPT and basic disks
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.

49. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Additional DFS Targets
Winrm quickconfig

50. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Implement Windows System Resource Manager (WSRM)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
802.1.x NAP
AD Rights Management Services