SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If you need to minimize the bandwidth for installation
Recommend Group Policy preferences
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Utilize IFM (Install From Media)
An Active Directory subnet object needs to be created.
2. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Ldp
Role Separation
A Distributed File System (DFS) namespace
3. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Implement one LUN for the quorum and another LUN for the data
Event Viewer
Domain based Distributed File System (DFS) will reduce network traffic
New ACCOUNT STORE should be added and configured
4. If users complain that it is hard to find the shared folders on the network implement
Additional DFS Targets
Network Load Balancing (NLB) cluster
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
5. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Utilize IFM (Install From Media)
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
6. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
7. You need to recommend a BitLocker recovery method you should recommend this.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Data Recovery Agent
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
8. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Active Directory Domains and Trusts
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
FFL Windows Server 2008 R2
9. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Deploy Microsoft System Center Operations Manager (SCOM)
Domain based DFS namespace and configure a DFS replication group
Raise the DFL to Windows Server 2008 R2.
Microsoft System Center Data Protection Manager
10. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Share and Storage Management
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Purchase one additional Enterprise License
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
11. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Deploy a failover cluster that contains one node in each office.
fsconfig on FSSrv2
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
12. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Recommend GPT and basic disks
13. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Certificate Templates
Implement Distributed File System Replication (DFSR) on both servers
Share and Storage Management
14. You need a solution that meets policy while minimizing hardware and software costs
Enable Credential Roaming
Create a new Password Settings Object (PSO) for the IT users.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Recommend Offline Files
15. In order to manage websites without having to logon you can use
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Install Hyper-V role and convert physical machines into virtual machines
PowerShell 2.0
802.1.x NAP
16. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Site
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
17. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Improve the performance of File Servers
Implement Windows System Resource Manager (WSRM) and configure user policies
Implement Network Access Protection (NAP)
18. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Assign the application to computers in the PC OU
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
DISABLE slow link detection in the GPO
Administrative Role Separation
19. To replicate SYSVOL using Distributed File System Replication (DFSR)...
DFL needs to be Windows Server 2008
Ntfrsutil
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Domain based Distributed File System (DFS) namespace and DFS Replication.
20. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Increase the tombstone lifetime for the forest.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Set-ADServiceAccount cmdlet
21. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Zone transfer settings
Enable Windows Remote Management (WinRM) on the servers.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
22. If you need to delegate control of server to remote admins group
Implement a GPO for each domain
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Configure RODC for Administrator Role Separation
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
23. Capture all replication errors from all your DCs to a central location...
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Configure event log subscriptions
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Add the Windows Server Backup feature and Windows System Image recovery.
24. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Microsoft SharePoint Foundation 2010
ntdsutil
25. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Your machine and remote desktops
26. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Manager user account
Zone transfer settings
Run adprep /forestprep and adprep /domainprep
Attach VHD file created by Windows server backup
27. You plan to upgrade your networks desktops to Windows 7 however - after testing you discover an application that will only run on Windows XP. You need to make this application available to a large number of desktops.
Create a MEDV workspace
Registry on users computer needs to be modified
Recommend Group Policy preferences
Use Netsh tool from administrator's computer.
28. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
802.1.x NAP
Deploy a failover cluster that uses Node and File Share Disk Majority
Create a Central Store
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
29. To defragment and AD database...
AD RMS
net stop ntds
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
30. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Group Policy Preferences
Deploy a failover cluster that uses Node and File Share Disk Majority
Add the new UPN suffix to the forest.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
31. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
DISABLE slow link detection in the GPO
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
A relying party trust should be created.
32. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Create an e-mail account in AD DS for your RMS users
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
dsa.msc - dsamain.exe - ntdsutil.exe
33. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Implement the Windows Search Service.
Configure caching on the shared folder and configure offline files to use encryption
Use the Local Roles options with dsmgmt.
Enable - ADoptionalFeature cmdlet
34. To backup GPO's in domain and minimize bakcup...
Additional DFS Targets
The Group Policy Management Console
Win2000
Then configure GlobalNames zones on each domain controller.
35. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Network Load Balancing (NLB)
FFL Windows Server 2008 R2
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Then install new Server 2008 R2 Enterprise subordinate CA.
36. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Storage manager for SANs
Set-ADServiceAccount cmdlet
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
37. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Back up to an external USB drive by using Windows Server Backup
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Add the new UPN Suffix to the forest
38. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Incoming external trust
Certificate Templates
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
39. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Execute the Set-ADServiceAccount cmdlet
Passive file screens
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
40. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Use CISCO IP Helper command to configure.
Domain based DFS namespace and configure a DFS replication group
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
41. New Password Policy needs to be created for OU different from domain password policy
Implement Network Access Protection (NAP)
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Deploy it by using Group Policy Software Installation method
Enable - ADoptionalFeature cmdlet
42. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Deploy a failover cluster that contains one node in each office.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Install and share a printer on a server and then enable printer pooling.
Run the Delegation of Control Wizard on the Staff OU
43. To allow a user to administer Active Directory
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Windows XP Mode
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Add the user to the Domain Admins global group
44. What should be done to ensure changes made to AD objects can be logged?
View properties of %systemroot%ntdsntds.dit
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Deploy a failover cluster that contains one node in each office.
WSUS server in the branch office in replica mode.
45. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Administrators is the minimum group membership required to complete this procedure.
Windows Deployment Services (WDS)
Dynamically expanding VHD's
46. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Use the Local Roles options with dsmgmt.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Increase the tombstone lifetime for the forest.
47. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Microsoft Application Virtualization (AppV)
Configure block inheritance on the IT OU
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
48. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Ntfrsutil
IIS Manager user account
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
49. to make shares at a remote location available to users you should implement this.
Software Restriction Polices
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Domain based Distributed File System (DFS) namespace and DFS Replication.
50. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Enable Credential Roaming
Back up to an external USB drive by using Windows Server Backup
Implement a Remote Desktop Connection Broker (RD Connection Broker)
