Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Winrm quickconfig
Jill came down with 2.50.

2. If you want to allow single-label name resolution
Subnet object needs to be created
Then configure GlobalNames zones on each domain controller.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
View properties of %systemroot%ntdsntds.dit

3. To compact AD database...
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Use Netsh tool from administrator's computer.
Configure block inheritance on the IT OU
FILES option within Ntdsutil

4. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
DSMOD
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Increase the tombstone lifetime for the forest.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

5. What should be done to resolve names by using GlobalNames zone?
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
dnscmd tool
Authorization Manager
Modify the schema of LDSInst1

6. If users complain that it is hard to find the shared folders on the network implement
Dfsrdiag
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Additional DFS Targets

7. to prevent VMs from receiving updats from a group policy
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Properties of PSO need modified
Implement the Windows Search Service.

8. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Utilize IFM (Install From Media)
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Disable Site Link Bridging from IP Properties
Configure authorization rules for Web developers on each web server

9. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Install From Media IFM
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.

10. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Create a Central Store
Dfsrdiag
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.

11. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Import-Module
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Deploy Microsoft System Center Operations Manager (SCOM)

12. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
DFL needs to be Windows Server 2008
Deploy a failover cluster that contains one node in each office.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Microsoft System Center Data Protection Manager

13. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Modify the local policy to point to the Internal WSUS server
Implement Windows System Resource Manager (WSRM) and configure user policies
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
dnscmd tool

14. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Group Policy Preferences
Certificate Templates
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Increase the tombstone lifetime for the forest.

15. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Enable Credential Roaming
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Dfsrdiag

16. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
WSUS server in the branch office in replica mode.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Create a Network Load Balancing cluster.

17. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Create a MEDV workspace
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Implement a domain-based DFS namespace that uses replication

18. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Basic Authentication and SSL
Site
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.

19. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Create an e-mail account in AD DS for your RMS users
DSMOD - ADUC

20. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
Dsmgmt
File Server Resource Manager (FSRM) quotas and file screens
Add the new UPN Suffix to the forest
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

21. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Network Load Balancing (NLB) cluster
The Group Policy Management console
Assign the application to all client computers by using a GPO.

22. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Microsoft Desktop Optimization Pack (MDOP) to your company
Run the Delegation of Control Wizard on the Staff OU
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Use local roles options within "dsmgmt"

23. If you need secure method to verify validity of individual certificates and minimize network bandwidth
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Backup operator's domain local group
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.

24. If you need to delegate control of server to remote admins group
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Configure RODC for Administrator Role Separation
Implement Windows System Resource Manager (WSRM)
AD RMS

25. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Configure RODC for Administrator Role Separation
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
AD Domains and Trusts
Implement Distributed File System Replication (DFSR) on both servers

26. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Basic Authentication and SSL
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Use local roles options within "dsmgmt"
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.

27. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Use a GPO to configure device installation restrictions
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Incoming external trust

28. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Purchase one additional Enterprise License
Active Directory Right Management Services (AD RMS)
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.

29. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Prestage the computer account in AD
Perform an authoritative restore
Configure caching on the shared folder and configure offline files to use encryption
Win2000 Native

30. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
WSUS server in the branch office in replica mode.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Add the new UPN Suffix to the forest

31. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Run adprep /forestprep and adprep /domainprep
Add the Windows Server Backup feature and Windows System Image recovery.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.

32. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Get-ADUser cmdlet
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
FFL Windows Server 2008 R2
Implement a Remote Desktop Connection Broker (RD Connection Broker)

33. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Autonomous mode...This allows the local administrator to approve their own updates.
Install From Media IFM
Active Directory Domains and Trusts
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

34. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Folder redirection. Folder redirection is also useful when using roamin profiles.
Administrative Role Separation
Microsoft System Center Data Protection Manager 2010
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP

35. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Administrators is the minimum group membership required to complete this procedure.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

36. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Win2000 Native

37. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Network Load Balancing (NLB) cluster
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Configure block inheritance on the IT OU

38. To make deploying the custom Word dictionary easy
Enable - ADoptionalFeature cmdlet
Microsoft Desktop Optimization Pack (MDOP)
Recommend Group Policy preferences
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)

39. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Autonomous mode...This allows the local administrator to approve their own updates.
Dsmgmt
From Server1 - run the Create Basic Task Wizard
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

40. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.

41. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

42. For the users that work remotely that need access to files from the corporate office you should...
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Zone transfer settings
Recommend Offline Files
Prestage the computer account in AD

43. to make shares at a remote location available to users you should implement this.
Incoming external trust
Domain based Distributed File System (DFS) namespace and DFS Replication.
Install Windows Server Backup and modify the Windows firewall settings
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

44. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Service user account for AD LDS
Implement Windows System Resource Manager (WSRM) and configure user policies
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
ntdsutil

45. If you need to minimize the bandwidth for installation
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Utilize IFM (Install From Media)

46. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

47. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Use CISCO IP Helper command to configure.
Create a Network Load Balancing cluster.
Attach VHD file created by Windows server backup

48. To ensure that recovery is possible if a file on a file server is deleted accidentally
Disable Site Link Bridging from IP Properties
The Group Policy Management console
Implement Shadow Copies
MEDV to deploy virtual desktops

49. Tool to change Directory Services Restore Mode password on Domain Controller...
AD Domains and Trusts
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Modify zone transfer settings for company.com zone on DCA
ntdsutil

50. To create AD Domain Services snapshot
Properties of PSO need modified
Dfsrdiag
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Ntdsutil