Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. When recommending a monitoring solution for an application so that it's events can be stored in a central
Event Subscriptions
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Then use Windows Deployment Services (WDS)
Windows BitLocker Drive Encryption (Bit Locker)

2. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Configure authorization rules for Web developers on each web server
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Then install new Server 2008 R2 Enterprise subordinate CA.

3. You need to deploy a sales application that only the sales users must have access to
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Configure caching on the shared folder (offline files)
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Deploy a GPO for the Sales OU

4. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Windows Server 2003
ntdsutil
Raise the DFL to Windows Server 2008 R2.
Configure caching on the shared folder and configure offline files to use encryption

5. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Distributed File System (DFS) Replication
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Configure folder redirection
Upgrading DFS to Windows Server 2008 R2

6. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install Windows Server Backup and modify the Windows firewall settings
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

7. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Modify the GPO to include folder redirection
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Windows Server 2003

8. To backup to tape/robotic tape and to backup VMs you must use...
Disable Site Link Bridging from the IP properties
Restore-ADObject cmdlet
Jill came down with 2.50.
Microsoft System Center Data Protection Manager 2010

9. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Configure event log subscriptions

10. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Changed manually
Create and deploy a logon script that runs Auditpol.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.

11. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Then use Windows BitLocker Drive Encryption
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Microsoft System Center Data Protection Manager 2010
Windows XP Mode

12. To be able to manage all the corporate servers from a workstation - you must install the
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Execute the Set-ADServiceAccount cmdlet
FILES option within Ntdsutil

13. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Create a standard secondary of domain and create standard secondary of other domain.
Then use Windows Deployment Services (WDS) on DHCP1.
Deploy the Root CA certificate to the external computers.
Implement a GPO for each domain

14. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Implement Windows System Resource Manager (WSRM) and configure user policies
Add the new UPN Suffix to the forest
Windows System Resource Manager (WSRM)
Create an e-mail account in AD DS for your RMS users.

15. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Recommend GPT and basic disks
Then use on install image file that contains a single install image.
Disable Site Link Bridging from IP Properties
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

16. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
NOT be able to store that data on an iSCSI SAN
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Implement Distributed File System Replication (DFSR) on both servers

17. When one needs to audit files - folders - printers and the registry enable
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers

18. Tool to change Directory Services Restore Mode password on Domain Controller...
Implement one LUN for the quorum and another LUN for the data
Configure separate application pools for each application
ntdsutil
Configure RODC for Administrator Role Separation

19. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
A Distributed File System (DFS) namespace
Certificate Templates
Then install new Server 2008 R2 Enterprise subordinate CA.
Administrative Role Separation

20. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Install the RSAT tool on their workstation to provide for more efficient network management
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Recommend Active Directory delegation
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

21. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Enable - ADoptionalFeature cmdlet
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Modify the schema of LDSInst1

22. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

23. To deploy templates across the organization
Disable Site Link Bridging from IP Properties
Add the user to the Domain Admins global group
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Improve the performance of File Servers

24. New Password Policy needs to be created for OU different from domain password policy
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Authorization Manager role assignment
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Implement Network Access Protection (NAP)

25. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Implement Windows System Resource Manager (WSRM) and configure user policies
Include a server that runs Microsoft Office SharePoint Server 2010
Modify the GPO to include folder redirection

26. To be able to user an application from one AD FS with authentication server to another...
A relying party trust should be created.
Run the Delegation of Control Wizard on the Staff OU
Basic Authentication and SSL
Deploy the Root CA certificate to the external computers.

27. To determine size of AD database file...
Ldp
Create an e-mail account in AD DS for your RMS users.
Properties of PSO need modified
View properties of %systemroot%ntdsntds.dit

28. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
A Distributed File System (DFS) namespace
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Active Directory Domains and Trusts

29. Policy states that users are to log into AD by usine a new User Principal Name (UPN). What tool should be used to modify the UPN suffix for all user accounts?
DSMOD
Win2000 Native
Active Directory Users and Computers
Configure offline files and enable manual caching

30. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
From Server1 - run the Create Basic Task Wizard

31. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
File Server Resource Manager (FSRM) quotas and file screens
Assign the application to computers in the PC OU
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

32. You need to relocate an AD LDS instance from C: Drive to D: Drive
Create a Network Load Balancing cluster.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Multipath I/O feature

33. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Modify the schema of LDSInst1
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Back up to an external USB drive by using Windows Server Backup
Test-AppLockerPolicy

34. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Basic Authentication and SSL
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Windows XP Mode

35. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Install the RSAT tool on their workstation to provide for more efficient network management
Autonomous mode...This allows the local administrator to approve their own updates.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service

36. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
From Server1 - run the Create Basic Task Wizard
Win2000 Native
DFL needs to be Windows Server 2008
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

37. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Implement a domain-based DFS namespace that uses replication
Configure Firewall Group Policies and link them at the Domain level
Refresh the zone on DNS2
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.

38. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
IIS Manager user account
Offline domain join
Ntdsutil

39. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
dnscmd
Active Directory Right Management Services (AD RMS)
Perform an authoritative restore
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP

40. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Dfsrdiag
Implement one LUN for the quorum and another LUN for the data
Event Log Subscriptions
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

41. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Raise the DFL to Windows Server 2008 R2.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

42. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Changed manually
Add the user to the Domain Admins global group
Deploy a GPO to the WebSrvOU

43. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
From Server1 - run the Create Basic Task Wizard
Run net stop ntds
WSUS server in the branch office in replica mode.
Microsoft Desktop Optimization Pack (MDOP) to your company

44. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Passive file screens
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.

45. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Microsoft Application Virtualization (AppV)
Modify the schema of LDSInst1
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

46. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Domain based Distributed File System (DFS) will reduce network traffic
Win2000
A Distributed File System (DFS) namespace

47. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
An Active Directory subnet object needs to be created.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
The Group Policy Management console
Assign permissions for the Groups OU and Branch OU to the help desk technicians.

48. You need a solution that meets policy while minimizing hardware and software costs
Add George to the Domain Admins group.
Create an e-mail account in AD DS for your RMS users
Share and Storage Management
Create a new Password Settings Object (PSO) for the IT users.

49. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Group Policy Preferences
Modify properties of RODC server computer account.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Configure event log subscriptions

50. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Import-Module