SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement Shadow Copies
Group Policy Preferences
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
2. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Active Directory Right Management Services (AD RMS)
Purchase one additional Enterprise License
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Create a Central Store
3. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Add the new UPN suffix to the forest.
From Server A - run Create Basic Task Wizard
Configure the zone as an Activde Directory-Integrated zone.
Configure folder redirection
4. To backup to tape/robotic tape and to backup VMs you must use...
AD RMS
Microsoft System Center Data Protection Manager 2010
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
5. To backup Virtual Machines
Create an Active Directory-Integrated zone.
Group Policy Preferences
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
6. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Recommend Group Policy preferences
ntdsutil
7. GPO setting to prevent all users from running an application
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Enable Windows Remote Management (WinRM) on the servers.
Software Restriction Polices
Authorization Manager
8. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Certificate Templates
DSMOD
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
New ACCOUNT STORE should be added and configured
9. If subnets are connected by CISCO router that is RFC-1542 compliant
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Configure event log subscriptions
Use CISCO IP Helper command to configure.
Implement a GPO for each domain
10. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Autonomous mode...This allows the local administrator to approve their own updates.
FILES option within Ntdsutil
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
11. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
AD Rights Management Services
IIS Manager user account
Upgrading DFS to Windows Server 2008 R2
Dsmgmt
12. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
AD Rights Management Services
Active Directory Users and Computers utility
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
13. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Then install new Server 2008 R2 Enterprise subordinate CA.
Add George to the Domain Admins group.
Active Directory Right Management Services (AD RMS)
14. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Administrative Role Separation
Create a standard secondary of domain and create standard secondary of other domain.
Then use Windows BitLocker Drive Encryption
15. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
16. To deploy templates across the organization
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
17. If you want to allow single-label name resolution
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Then configure GlobalNames zones on each domain controller.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Windows XP Mode
18. If you want to implement BitLocker and store recovery informaiton in a central location
Modify the schema of LDSInst1
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
19. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
MEDV to deploy virtual desktops
Run auditpol and then configure the Security settings of the Domain Controllers OU.
20. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
ntdsutil
Windows System Resource Manager (WSRM)
Administrators is the minimum group membership required to complete this procedure.
Improve the performance of File Servers
21. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. To be able to user an application from one AD FS with authentication server to another...
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Add-ADFineGrainedPasswordPolicySubject cmdlet
A relying party trust should be created.
Group Policy Preferences
23. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
From Server1 - run the Create Basic Task Wizard
Configure block inheritance on the IT OU
Install Hyper-V role and convert physical machines into virtual machines
24. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Basic Authentication and SSL
Recommend Group Policy preferences
Configure an audit policy by editing the default domain policy and configure Event Forwarding
25. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
AD Domains and Trusts
26. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Disable Site Link Bridging from IP Properties
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
27. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Configure caching on the shared folder (offline files)
Microsoft System Center Data Protection Manager 2010
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
28. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
Then use Windows Deployment Services (WDS)
Network Load Balancing (NLB) cluster
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
29. To create AD Domain Services snapshot
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Ntdsutil
30. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
A relying party trust should be created.
Properties of PSO need modified
Implement a domain-based DFS namespace that uses replication
Distributed File System (DFS) Replication
31. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Microsoft SharePoint Foundation 2010
Implement Shadow Copies
Role Separation
Discover the run Microsoft Baseline Security Analyzer (MBSA)
32. What should be done to ensure changes made to AD objects can be logged?
Domain based Distributed File System (DFS) namespace and DFS Replication.
Modify properties of RODC server computer account.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
dnscmd
33. To make deploying the custom Word dictionary easy
Recommend Group Policy preferences
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Configure authorization rules for Web developers on each web server
34. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Create a Network Load Balancing cluster.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
A Distributed File System (DFS) namespace
35. If you need to ensure that data is protected by BitLocker then you will...
NOT be able to store that data on an iSCSI SAN
Deploy a failover cluster that contains one node in each office.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
36. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Improve the performance of File Servers
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
37. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Domain based DFS namespace and configure a DFS replication group
Recommend GPT and basic disks
Implement Shadow Copies
38. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Implement the Windows Search Service.
Microsoft Application Virtualization (AppV)
Group Policy Preferences
Configure caching on the shared folder (offline files)
39. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Configure RODC for Administrator Role Separation
Recommend Group Policy preferences
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
40. To prevent account password from being cached on RODC server...
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Modify properties of RODC server computer account.
Perform an authoritative restore
Implement Distributed File System Replication (DFSR) on both servers
41. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Site
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Microsoft SharePoint Foundation 2010
A Distributed File System (DFS) namespace
42. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Create a MEDV workspace
Win2000 Native
Configure folder redirection
Discover the run Microsoft Baseline Security Analyzer (MBSA)
43. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Backup operator's domain local group
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Windows Server 2003
44. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Ntfrsutil
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Active Directory Domains and Trusts
45. The Computer Management snap-in allows you to create shares both on...
CAPublishGP group should have the Manage CA permission.
Software Restriction Polices
Your machine and remote desktops
Implement Network Access Protection (NAP)
46. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Configure Firewall Group Policies and link them at the Domain level
Configure caching on the shared folder (offline files)
Repadmin
Win2000 Native
47. To update ADRMS password...
AD Rights Management Services
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Registry on users computer needs to be modified
Changed manually
48. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Distributed File System (DFS) Replication
Implement GPO for all client computers
Disable Site Link Bridging from IP Properties
dnscmd
49. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
AD Domains and Trusts
Create ADMX and ADML files. Configure the GPO and link it to the domain.
50. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Dsmgmt
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
