SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To backup Virtual Machines
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Add the new UPN suffix to the forest.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
2. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Implement Windows BitLocker Drive Encryption (BitLocker)
Implement Network Access Protection (NAP)
Implement Shadow Copies
Create and deploy a logon script that runs Auditpol.
3. What should be done to ensure changes made to AD objects can be logged?
Upgrading DFS to Windows Server 2008 R2
Modify the GPO to include folder redirection
dsa.msc - dsamain.exe - ntdsutil.exe
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
4. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Configure authorization rules for Web developers on each web server
Use a GPO to configure device installation restrictions
A relying party trust should be created.
5. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Create a standard secondary of domain and create standard secondary of other domain.
Create and deploy a logon script that runs Auditpol.
Get-ADUser cmdlet
6. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Configure offline files and enable manual caching
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
7. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Incoming external trust
IIS Manager user account
New ACCOUNT STORE should be added and configured
8. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Add George to the Domain Admins group.
Creating a data collector set that kick off a scritp that either move or delete files.
Disable Site Link Bridging from the IP properties
Incoming external trust
9. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Microsoft Desktop Optimization Pack (MDOP)
Set-ADServiceAccount cmdlet
Dynamically expanding VHD's
Implement folder redirection by using GPO. Then backup the folder redirection target.
10. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Configure caching on the shared folder and configure offline files to use encryption
fsconfig on FSSrv2
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
11. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
View properties of %systemroot%ntdsntds.dit
Implement Distributed File System Replication (DFSR) on both servers
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Administrators is the minimum group membership required to complete this procedure.
12. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Incoming external trust
Passive file screens
Deploy a GPO to the WebSrvOU
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
13. What should be done to resolve names by using GlobalNames zone?
dnscmd tool
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Repadmin
Then use Windows Deployment Services (WDS) on DHCP1.
14. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Dfsrdiag
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create and deploy a logon script that runs Auditpol.
Win2000
15. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Upgrading DFS to Windows Server 2008 R2
Test-AppLockerPolicy
Configure authorization rules for Web developers on each web server
Multipath I/O feature
16. To delegate authority to users to manage only certain areas in Hyper-V use the
Authorization Manager role assignment
Create a standard secondary of domain and create standard secondary of other domain.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Enable Windows Remote Management (WinRM) on each server.
17. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure block inheritance on the IT OU
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
18. To prevent computers that do not have the Windows Firewall enabled from connecting to the wireless access point or the physical switch - you should implement this.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
802.1.x NAP
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Test-AppLockerPolicy
19. To configure Administrator Role Separation for an RODC
Set-ADServiceAccount cmdlet
Backup operator's domain local group
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
20. You need a solution that meets policy while minimizing hardware and software costs
Configure Firewall Group Policies and link them at the Domain level
Create a new Password Settings Object (PSO) for the IT users.
The Group Policy Management console
Utilize IFM (Install From Media)
21. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Run net stop ntds
Autonomous mode...This allows the local administrator to approve their own updates.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Authorization Manager
22. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
From Server A - run Create Basic Task Wizard
Use Netsh tool from administrator's computer.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Domain based Distributed File System (DFS) namespace and DFS Replication.
23. There's an AD domain named company.com. There are 3 DC's that also hold the DNS server role which host an ADI zone named company.com. This zone is configured to update settings to Secure only Dynamic Updates. The CIO has issued a new security policy
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Implement Windows System Resource Manager (WSRM)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
24. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
DISABLE slow link detection in the GPO
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
25. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Modify the schema of LDSInst1
dsa.msc - dsamain.exe - ntdsutil.exe
Network Load Balancing (NLB)
26. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Get-ADUser cmdlet
Autonomous mode...This allows the local administrator to approve their own updates.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Disable Site Link Bridging from IP Properties
27. File that contains the last logon time and custom attributes values for each user in your forest.
Get-ADUser cmdlet
Enable Credential Roaming
Increase the tombstone lifetime for the forest.
Implement Windows System Resource Manager (WSRM) and configure user policies
28. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Test-AppLockerPolicy
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Increase the tombstone lifetime for the forest.
29. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Active Directory Users and Computers utility
Administrative Role Separation
Improve the performance of File Servers
Dsmgmt
30. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
31. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Certificate Templates
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
32. What GPO setting should be configured to prevent all users from running an application?
Software Restriction Polices
DISABLE slow link detection in the GPO
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Windows XP Mode
33. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Deploy a failover cluster that uses Node and File Share Disk Majority
Creating a data collector set that kick off a scritp that either move or delete files.
Implement Windows System Resource Manager (WSRM)
Perform an authoritative restore
34. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
Active Directory snapshots and Tombstone reanimation
From Server A - run Create Basic Task Wizard
From Server1 - run the Create Basic Task Wizard
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
35. If users complain that it is hard to find the shared folders on the network implement
Incoming external trust
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Additional DFS Targets
Recommend Group Policy preferences
36. To restore deleted user account from AD Recycle Bin...
IIS Chared Configuration
Install From Media IFM
Restore-ADObject cmdlet
Autonomous mode...This allows the local administrator to approve their own updates.
37. To configure AD FS so tokens contain information from Active Directory domain...
New ACCOUNT STORE should be added and configured
Service user account for AD LDS
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Properties of PSO need modified
38. If subnets are connected by CISCO router that is RFC-1542 compliant
Microsoft Desktop Optimization Pack (MDOP) to your company
Include a server that runs Microsoft Office SharePoint Server 2010
Basic Authentication and SSL
Use CISCO IP Helper command to configure.
39. To compact AD database...
FILES option within Ntdsutil
Then configure GlobalNames zones on each domain controller.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Then configure auto enrollment of certificates and Credential Roaming.
40. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Storage manager for SANs
Use a GPO to configure device installation restrictions
Implement Windows System Resource Manager (WSRM) and configure user policies
Network Load Balancing (NLB) cluster
41. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install Hyper-V role and convert physical machines into virtual machines
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Microsoft Desktop Optimization Pack (MDOP)
FILES option within Ntdsutil
42. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Deploy a GPO to the WebSrvOU
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Set-ADServiceAccount cmdlet
43. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Active Directory Right Management Services (AD RMS)
Active Directory snapshots and Tombstone reanimation
Then use Windows BitLocker Drive Encryption
44. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Administrative Role Separation
45. If a file server reaches 15% free disk space - you could free up some disk space by
Creating a data collector set that kick off a scritp that either move or delete files.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
DSMOD
Dynamically expanding VHD's
46. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy it by using Group Policy Software Installation method
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Software Restriction Polices
AD RMS
47. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Implement Windows System Resource Manager (WSRM)
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
48. DFL is...
Network Load Balancing (NLB) cluster
Win2000 Native
Recommend Group Policy preferences
Modify the local policy to point to the Internal WSUS server
49. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Configure separate application pools for each application
Implement Network Access Protection (NAP) that uses 802.1x enforcement
From Server A - run Create Basic Task Wizard
Create ADMX and ADML files. Configure the GPO and link it to the domain.
50. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Configure Firewall Group Policies and link them at the Domain level
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests