SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Incoming external trust
Changed manually
Folder redirection. Folder redirection is also useful when using roamin profiles.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
2. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
IIS Chared Configuration
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
3. DFL is...
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Win2000 Native
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
4. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Active Directory Right Management Services (AD RMS)
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
5. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure an audit policy by editing the default domain policy and configure Event Forwarding
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Configure Audit Special Logon and define Special Groups
6. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Implement Windows BitLocker Drive Encryption (BitLocker)
MEDV to deploy virtual desktops
Implement Distributed File System Replication (DFSR) on both servers
Implement one LUN for the quorum and another LUN for the data
7. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Increase the tombstone lifetime for the forest.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
From Server1 - run the Create Basic Task Wizard
Dfsrdiag
8. If you want to allow single-label name resolution
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Microsoft System Center Data Protection Manager
Then configure GlobalNames zones on each domain controller.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
9. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Microsoft System Center Data Protection Manager
Implement a GPO for each domain
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
10. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Software Restriction Polices
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
11. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Create an e-mail account in AD DS for your RMS users
Implement Network Access Protection (NAP)
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Raise the DFL to Windows Server 2008 R2.
12. To ensure that a file on a file server do not leave the organization you must implement this.
Microsoft Desktop Optimization Pack (MDOP) to your company
MEDV to deploy virtual desktops
AD RMS
Modify zone transfer settings for company.com zone on DCA
13. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Configure Audit Special Logon and define Special Groups
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Microsoft System Center Data Protection Manager
Folder redirection. Folder redirection is also useful when using roamin profiles.
14. An AD LDS instance needs to be replicated from one server to another...
Service user account for AD LDS
PDC emulator with w32tm.exe
Implement folder redirection by using GPO. Then backup the folder redirection target.
Active Directory Right Management Services (AD RMS)
15. To configure AD FS so tokens contain information from Active Directory domain...
Active Directory snapshots and Tombstone reanimation
New ACCOUNT STORE should be added and configured
Install the RSAT tool on their workstation to provide for more efficient network management
Configure event log subscriptions
16. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Windows System Resource Manager (WSRM) and configure user policies
Upgrading DFS to Windows Server 2008 R2
17. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Configure folder redirection
From Server1 - run the Create Basic Task Wizard
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
18. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Enable Windows Remote Management (WinRM) on each server.
Microsoft Application Virtualization (AppV)
Add the new UPN suffix to the forest.
Add the Windows Server Backup feature and Windows System Image recovery.
19. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Domain based Distributed File System (DFS) namespace and DFS Replication.
File Server Resource Manager (FSRM) quotas and file screens
Run the Delegation of Control Wizard on the Staff OU
Implement a domain-based DFS namespace that uses replication
20. To prevent account password from being cached on RODC server...
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Subnet object needs to be created
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Modify properties of RODC server computer account.
21. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement Shadow Copies
Changed manually
Configure RODC for Administrator Role Separation
Create a Network Load Balancing cluster.
22. If users complain that it is hard to find the shared folders on the network implement
Additional DFS Targets
Data Recovery Agent
dsa.msc - dsamain.exe - ntdsutil.exe
Recommend Active Directory delegation
23. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Offline domain join
Configure caching on the shared folder (offline files)
Recommend GPT and basic disks
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
24. UPN Suffix xxxx.com needs to be available for user accounts...
Microsoft SharePoint Foundation 2010
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploy a failover cluster that contains one node in each office.
Add the new UPN Suffix to the forest
25. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Deploy Microsoft System Center Operations Manager (SCOM)
Improve the performance of File Servers
Passive file screens
Restore-ADObject cmdlet
26. If a file server reaches 15% free disk space - you could free up some disk space by
Creating a data collector set that kick off a scritp that either move or delete files.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Create an Active Directory-Integrated zone.
27. to make shares at a remote location available to users you should implement this.
Create a Network Load Balancing cluster.
fsconfig on FSSrv2
Active Directory snapshots and Tombstone reanimation
Domain based Distributed File System (DFS) namespace and DFS Replication.
28. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Then use Windows Deployment Services (WDS)
New ACCOUNT STORE should be added and configured
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
29. To be able to manage all the corporate servers from a workstation - you must install the
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
802.1.x NAP
Then use on install image file that contains a single install image.
30. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Certificate Templates
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
31. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Create a Network Load Balancing cluster.
Basic Authentication and SSL
Then use Windows BitLocker Drive Encryption
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
32. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Active Directory Users and Computers
Winrm quickconfig
Dsmgmt
Use a GPO to configure device installation restrictions
33. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Active Directory snapshots and Tombstone reanimation
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
34. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Certificate Templates
Event Viewer
Network Load Balancing (NLB) cluster
Create a Central Store
35. In order to manage websites without having to logon you can use
DSMOD
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Autonomous mode...This allows the local administrator to approve their own updates.
PowerShell 2.0
36. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
MEDV to deploy virtual desktops
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Configure folder redirection
37. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
DFL needs to be Windows Server 2008
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Test-AppLockerPolicy
Data Recovery Agent
38. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
New ACCOUNT STORE should be added and configured
39. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Windows System Resource Manager (WSRM)
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
DISABLE slow link detection in the GPO
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
40. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Administrators is the minimum group membership required to complete this procedure.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Implement one LUN for the quorum and another LUN for the data
41. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
The Group Policy Management Console
Role Separation
Windows System Resource Manager (WSRM)
Active Directory Users and Computers utility
42. To identify users who bypass the new corporate security policy -
An Active Directory subnet object needs to be created.
Prestage the computer account in AD
Assign the application to computers in the PC OU
Configure Audit Special Logon and define Special Groups
43. To backup Virtual Machines
Microsoft Desktop Optimization Pack (MDOP)
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Then configure auto enrollment of certificates and Credential Roaming.
44. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
45. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Create a new Password Settings Object (PSO) for the IT users.
46. When service account passwords need to be changed for SQL they should be...
Authorization Manager role assignment
DISABLE slow link detection in the GPO
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Changed manually
47. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure Firewall Group Policies and link them at the Domain level
Microsoft System Center Data Protection Manager
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
48. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
From Server A - run Create Basic Task Wizard
Raise the DFL to Windows Server 2008 R2.
NOT be able to store that data on an iSCSI SAN
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
49. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Implement the Windows Search Service.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Domain based Distributed File System (DFS) namespace and DFS Replication.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
50. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Test-AppLockerPolicy
Add the Windows Server Backup feature and Windows System Image recovery.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
