SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If a file server reaches 15% free disk space - you could free up some disk space by
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Distributed File System (DFS) Replication
Then use Windows Deployment Services (WDS) on DHCP1.
Creating a data collector set that kick off a scritp that either move or delete files.
2. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Prestage the computer account in AD
Windows Server 2003
Modify zone transfer settings for company.com zone on DCA
3. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Folder redirection. Folder redirection is also useful when using roamin profiles.
4. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Storage manager for SANs
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
An Active Directory subnet object needs to be created.
Configure caching on the shared folder (offline files)
5. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
fsconfig on FSSrv2
A relying party trust should be created.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
6. To join a server/PC outside of the domain to the network...
Disable Site Link Bridging from IP Properties
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
7. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Implement GPO for all client computers
Authorization Manager
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Domain based DFS namespace and configure a DFS replication group
8. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
9. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Implement Windows System Resource Manager (WSRM)
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
802.1.x NAP
Create an e-mail account in AD DS for your RMS users.
10. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Implement Shadow Copies
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Autonomous mode...This allows the local administrator to approve their own updates.
Domain based Distributed File System (DFS) namespace and DFS Replication.
11. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement one LUN for the quorum and another LUN for the data
Then install new Server 2008 R2 Enterprise subordinate CA.
Install and share a printer on a server and then enable printer pooling.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
12. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Incoming external trust
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
13. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Install Windows Server Backup and modify the Windows firewall settings
AD Domains and Trusts
Repadmin
14. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Create a Central Store
Your machine and remote desktops
Active Directory snapshots and Tombstone reanimation
15. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Modify zone transfer settings for company.com zone on DCA
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
16. To identify users who bypass the new corporate security policy -
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Active Directory Domains and Trusts
Configure Audit Special Logon and define Special Groups
17. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Implement a GPO for each domain
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Printer driver isolation
Discover the run Microsoft Baseline Security Analyzer (MBSA)
18. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Windows System Resource Manager (WSRM)
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Distributed File System (DFS) Replication
19. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Changed manually
Configure offline files and enable manual caching
Deploy a failover cluster that uses Node and File Share Disk Majority
Implement Windows BitLocker Drive Encryption (BitLocker)
20. If you need to allow an external partner's computer to access internal network resources by using SSTP
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Subnet object needs to be created
Deploy the Root CA certificate to the external computers.
Use CISCO IP Helper command to configure.
21. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Event Log Subscriptions
22. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
23. Need to ensure users receive updated template within five days...
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Registry on users computer needs to be modified
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Incoming external trust
24. To allow a user to administer Active Directory
Get-ADUser cmdlet
Add the user to the Domain Admins global group
DSMOD
Active Directory Users and Computers utility
25. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Passive file screens
Disable Site Link Bridging from the IP properties
Win2000
Upgrading DFS to Windows Server 2008 R2
26. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Configure separate application pools for each application
Share and Storage Management
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Domain based DFS namespace and configure a DFS replication group
27. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
IIS Manager user account
Repadmin
Add the new UPN suffix to the forest.
28. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Implement Shadow Copies
Changed manually
Implement GPO for all client computers
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
29. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Then configure auto enrollment of certificates and Credential Roaming.
Install and share a printer on a server and then enable printer pooling.
30. to protect file servers and hard disks that may be at risk of being accessed or stolen
Attach VHD file created by Windows server backup
Implement Windows BitLocker Drive Encryption (BitLocker)
Upgrading DFS to Windows Server 2008 R2
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
31. To restore previous version of script without taking up too much of time...
Windows Deployment Services (WDS)
Configure Audit Special Logon and define Special Groups
Attach VHD file created by Windows server backup
Multipath I/O feature
32. Ensure password length for a group set to 12 characters long while others keep password policy
Recommend Active Directory delegation
Jill came down with 2.50.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Add-ADFineGrainedPasswordPolicySubject cmdlet
33. You need to ensure that the guest account on all servers is disabled to
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Utilize IFM (Install From Media)
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Domain based Distributed File System (DFS) will reduce network traffic
34. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
dnscmd tool
35. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Add the new UPN suffix to the forest.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Deploy the Root CA certificate to the external computers.
36. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Purchase one additional Enterprise License
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
An Active Directory subnet object needs to be created.
Deploy a failover cluster that uses Node and File Share Disk Majority
37. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Dfsrdiag
Modify the GPO to include folder redirection
Additional DFS Targets
Implement Windows System Resource Manager (WSRM)
38. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
IIS Manager user account
Recommend Active Directory delegation
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Improve the performance of File Servers
39. File that contains the last logon time and custom attributes values for each user in your forest.
Share and Storage Management
Windows Deployment Services (WDS)
Test-AppLockerPolicy
Get-ADUser cmdlet
40. 4 steps to perform offline Defragmentation of AD database...
Assign the application to all client computers by using a GPO.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
41. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
From Server1 - run the Create Basic Task Wizard
Repadmin
Windows XP Mode
42. To backup Virtual Machines
Software Restriction Polices
Create a new Password Settings Object (PSO) for the IT users.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
43. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
net stop ntds
Implement Windows BitLocker Drive Encryption (BitLocker)
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Microsoft SharePoint Foundation 2010
44. To recover objects deleted from Active Directory you should recommend
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Deploy a GPO to the WebSrvOU
Active Directory snapshots and Tombstone reanimation
Software Restriction Polices
45. If you need to encrypt all data on all disks
Implement Distributed File System Replication (DFSR) on both servers
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Then use Windows BitLocker Drive Encryption
46. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Create an e-mail account in AD DS for your RMS users.
Enable Windows Remote Management (WinRM) on the servers.
Dfsrdiag
Recommend Offline Files
47. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
From Server A - run Create Basic Task Wizard
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Offline domain join
Improve the performance of File Servers
48. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
WSUS server in the branch office in replica mode.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
49. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Active Directory Domains and Trusts
Domain based Distributed File System (DFS) namespace and DFS Replication.
50. To restore deleted user account from AD Recycle Bin...
Restore-ADObject cmdlet
Install From Media IFM
Deploy a failover cluster that uses Node and File Share Disk Majority
Active Directory Users and Computers utility
