SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to relocate an AD LDS instance from C: Drive to D: Drive
Import-Module
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
The Group Policy Management Console
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
2. What role to keep same time as an external server?
Import-Module
PDC emulator with w32tm.exe
AD Rights Management Services
Microsoft System Center Data Protection Manager 2010
3. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Implement the Windows Search Service.
Then install new Server 2008 R2 Enterprise subordinate CA.
Modify the schema of LDSInst1
4. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Zone transfer settings
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
5. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Then configure auto enrollment of certificates and Credential Roaming.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Windows BitLocker Drive Encryption (Bit Locker)
Microsoft Application Virtualization (AppV)
6. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Multipath I/O feature
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
7. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
ntdsutil
Import-Module
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Site
8. To create and additional AD LDS applicaiton directory partition in existing instance...
Active Directory Right Management Services (AD RMS)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
WDS
Ldp
9. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Assign the application to computers in the PC OU
Offline domain join
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
10. When service account passwords need to be changed for SQL they should be...
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Changed manually
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
11. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Implement the Windows Search Service.
Autonomous mode...This allows the local administrator to approve their own updates.
Upgrading DFS to Windows Server 2008 R2
Encrypting File System (EFS). This can be enabled locally or through a GPO.
12. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Implement the Windows Search Service.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement Windows System Resource Manager (WSRM)
13. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Assign the application to computers in the PC OU
Then configure auto enrollment of certificates and Credential Roaming.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Modify zone transfer settings for company.com zone on DCA
14. To deploy templates across the organization
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Deploy Microsoft System Center Operations Manager (SCOM)
Autonomous mode...This allows the local administrator to approve their own updates.
Create a standard secondary of domain and create standard secondary of other domain.
15. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Group Policy Preferences
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
16. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
A relying party trust should be created.
Import-Module
17. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Winrm quickconfig
The Group Policy Management Console
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
18. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
dsa.msc - dsamain.exe - ntdsutil.exe
Additional DFS Targets
19. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Dfsrdiag
Ntfrsutil
20. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Use the Local Roles options with dsmgmt.
Deploy a GPO for the Sales OU
21. To restore deleted user account from AD Recycle Bin...
Restore-ADObject cmdlet
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Additional DFS Targets
22. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Subnet object needs to be created
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Deploy it by using Group Policy Software Installation method
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
23. You need to recommend a BitLocker recovery method you should recommend this.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Deploy a failover cluster that uses Node and File Share Disk Majority
Recommend Active Directory delegation
Data Recovery Agent
24. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Create and deploy a logon script that runs Auditpol.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Ntdsutil
25. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
NOT be able to store that data on an iSCSI SAN
Deploy a failover cluster that contains one node in each office.
Role Separation
Dfsrdiag
26. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Prestage the computer account in AD
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Jill came down with 2.50.
Assign the application to all client computers by using a GPO.
27. If you need to minimize the bandwidth for installation
Utilize IFM (Install From Media)
Event Viewer
Implement Windows BitLocker Drive Encryption (BitLocker)
Dynamically expanding VHD's
28. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
30. What GPO setting should be configured to prevent all users from running an application?
Modify the local policy to point to the Internal WSUS server
Software Restriction Polices
Microsoft System Center Data Protection Manager 2010
Configure block inheritance on the IT OU
31. The Computer Management snap-in allows you to create shares both on...
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Your machine and remote desktops
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
AD Rights Management Services
32. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Deploy a failover cluster that contains one node in each office.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Storage manager for SANs
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
33. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Service user account for AD LDS
Certificate Templates
Disable Site Link Bridging from IP Properties
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
34. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
PowerShell 2.0
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
35. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Configure the zone as an Activde Directory-Integrated zone.
Windows BitLocker Drive Encryption (Bit Locker)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
MEDV to deploy virtual desktops
36. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Modify the GPO to include folder redirection
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Create an Active Directory-Integrated zone.
37. An AD LDS instance needs to be replicated from one server to another...
Increase the tombstone lifetime for the forest.
Service user account for AD LDS
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
38. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Configure folder redirection
View properties of %systemroot%ntdsntds.dit
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Implement Distributed File System Replication (DFSR) on both servers
39. What utility is used to see what accounts cached on RODC?
Install and share a printer on a server and then enable printer pooling.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Configure caching on the shared folder (offline files)
Active Directory Users and Computers
40. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Test-AppLockerPolicy
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
41. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Import-Module
Configure caching on the shared folder (offline files)
Use the Local Roles options with dsmgmt.
42. To join a server/PC outside of the domain to the network...
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
djoin /requesteodj from internal server - djoin /provision from outside server/PC
fsconfig on FSSrv2
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
43. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
Create a standard secondary of domain and create standard secondary of other domain.
Printer driver isolation
Run net stop ntds
44. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
View properties of %systemroot%ntdsntds.dit
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
802.1.x NAP
45. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Service user account for AD LDS
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Share and Storage Management
Your machine and remote desktops
46. UPN Suffix xxxx.com needs to be available for user accounts...
Ntdsutil
Add the new UPN Suffix to the forest
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
47. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Install the RSAT tool on their workstation to provide for more efficient network management
Purchase one additional Enterprise License
The Group Policy Management console
48. When one needs to audit files - folders - printers and the registry enable
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Your machine and remote desktops
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Add George to the Domain Admins group.
49. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Create a Network Load Balancing cluster.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Creating a data collector set that kick off a scritp that either move or delete files.
Add George to the Domain Admins group.
50. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Test-AppLockerPolicy
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Configure Audit Special Logon and define Special Groups
Refresh the zone on DNS2
