Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Deploy a failover cluster that contains one node in each office.
Modify the schema of LDSInst1
Execute the Set-ADServiceAccount cmdlet

2. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Create and deploy a logon script that runs Auditpol.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Then use Windows Deployment Services (WDS)
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.

3. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Assign the application to all client computers by using a GPO.
Use CISCO IP Helper command to configure.
Recommend Active Directory delegation
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

4. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Winrm quickconfig
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array

5. Need to ensure users receive updated template within five days...
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Registry on users computer needs to be modified
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

6. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
Install From Media IFM
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Deploy a failover cluster that uses Node and File Share Disk Majority
Basic Authentication and SSL

7. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Use the Local Roles options with dsmgmt.
Implement GPO for all client computers
FILES option within Ntdsutil

8. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Certificate Templates
Then configure auto enrollment of certificates and Credential Roaming.
Disable Site Link Bridging from IP Properties
dsa.msc - dsamain.exe - ntdsutil.exe

9. When recommending a monitoring solution for an application so that it's events can be stored in a central
Event Subscriptions
Raise the DFL to Windows Server 2008 R2.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Configure authorization rules for Web developers on each web server

10. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

11. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Raise the DFL to Windows Server 2008 R2.
FILES option within Ntdsutil
Create an Active Directory-Integrated zone.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

12. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Autonomous mode...This allows the local administrator to approve their own updates.

13. To determine size of AD database file...
AD RMS
Dfsrdiag
Site
View properties of %systemroot%ntdsntds.dit

14. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.

15. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Dsmgmt
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Implement a Remote Desktop Connection Broker (RD Connection Broker)

16. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Disable Site Link Bridging from the IP properties
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Changed manually

17. If you want to allow single-label name resolution
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Then configure GlobalNames zones on each domain controller.

18. If you need to minimize the bandwidth for installation
Assign the application to computers in the PC OU
net stop ntds
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Utilize IFM (Install From Media)

19. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Deploy Microsoft System Center Operations Manager (SCOM)
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

20. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Ldp
Configure event log subscriptions
Implement Shadow Copies

21. When one needs to audit files - folders - printers and the registry enable
Prestage the computer account in AD
Dsmgmt
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.

22. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Dynamically expanding VHD's
Microsoft Application Virtualization (AppV)
Ensure your account - or the group is a member of the local Administrators group for that specific server.

23. DFL is...
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Win2000 Native
NOT be able to store that data on an iSCSI SAN

24. What should be done first to defragment the AD database?
Run net stop ntds
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
dnscmd
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

25. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Refresh the zone on DNS2
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Install From Media IFM
Test-AppLockerPolicy

26. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Upgrading DFS to Windows Server 2008 R2
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Deploy a failover cluster that uses Node and File Share Disk Majority

27. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
IIS Manager user account

28. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
CAPublishGP group should have the Manage CA permission.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.

29. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Import-Module
Use the Local Roles options with dsmgmt.
Assign the application to computers in the PC OU
Implement a Remote Desktop Connection Broker (RD Connection Broker)

30. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Configure offline files and enable manual caching
Test-AppLockerPolicy
Refresh the zone on DNS2
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.

31. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
A Distributed File System (DFS) namespace
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Implement the Windows Search Service.
Install From Media IFM

32. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Create a standard secondary of domain and create standard secondary of other domain.
Test-AppLockerPolicy
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Recommend Active Directory delegation

33. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Add the Windows Server Backup feature and Windows System Image recovery.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Install Hyper-V role and convert physical machines into virtual machines

34. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Improve the performance of File Servers
Domain based DFS namespace and configure a DFS replication group
Execute the Set-ADServiceAccount cmdlet

35. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
MEDV to deploy virtual desktops
Increase the tombstone lifetime for the forest.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Implement Windows System Resource Manager (WSRM) and configure user policies

36. To backup to tape/robotic tape and to backup VMs you must use...
Configure authorization rules for Web developers on each web server
Administrative Role Separation
Windows Server 2003
Microsoft System Center Data Protection Manager 2010

37. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Create an e-mail account in AD DS for your RMS users.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Microsoft SharePoint Foundation 2010

38. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
DSMOD
Dsmgmt
Basic Authentication and SSL
Windows Deployment Services (WDS)

39. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Create an Active Directory-Integrated zone.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

40. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Active Directory Users and Computers utility
Implement Distributed File System Replication (DFSR) on both servers
Recommend Offline Files
Enable Credential Roaming

41. To ensure that a file on a file server do not leave the organization you must implement this.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
AD RMS
Install and share a printer on a server and then enable printer pooling.
Deploy Microsoft System Center Operations Manager (SCOM)

42. Striped volumes
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
DSMOD
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Improve the performance of File Servers

43. To allow a user to administer Active Directory
IIS Manager user account
Add the user to the Domain Admins global group
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Implement a Remote Desktop Connection Broker (RD Connection Broker)

44. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Properties of PSO need modified
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

45. 4 steps to perform authoritative restore of a deleted OU...
Network Load Balancing (NLB)
FILES option within Ntdsutil
Use Netsh tool from administrator's computer.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller

46. To allow connection to a 256 Kbps ISDN...
Upgrading DFS to Windows Server 2008 R2
Run the Delegation of Control Wizard on the Staff OU
DISABLE slow link detection in the GPO
Active Directory Domains and Trusts

47. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Test-AppLockerPolicy
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Configure separate application pools for each application

48. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Autonomous mode...This allows the local administrator to approve their own updates.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office

49. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Create a Central Store
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
dsa.msc - dsamain.exe - ntdsutil.exe
Configure caching on the shared folder (offline files)

50. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
dnscmd tool
Incoming external trust
Role Separation