Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Install and share a printer on a server and then enable printer pooling.
An Active Directory subnet object needs to be created.
Set-ADServiceAccount cmdlet

2. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Implement Windows System Resource Manager (WSRM)
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

3. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Enable Windows Remote Management (WinRM) on each server.
Ntdsutil

4. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Implement Distributed File System Replication (DFSR) on both servers
Implement a domain-based DFS namespace that uses replication
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

5. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Perform an authoritative restore

6. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Basic Authentication and SSL
Dsmgmt
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

7. If you need to encrypt all data on all disks
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Improve the performance of File Servers
Then use Windows BitLocker Drive Encryption

8. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Recommend Active Directory delegation

9. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
Implement a GPO for each domain
Then use on install image file that contains a single install image.
Implement Windows BitLocker Drive Encryption (BitLocker)
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

10. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Implement Windows System Resource Manager (WSRM) and configure user policies
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Configure caching on the shared folder and configure offline files to use encryption
Enable Windows Remote Management (WinRM) on each server.

11. To restore deleted user account from AD Recycle Bin...
Autonomous mode...This allows the local administrator to approve their own updates.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Deploy a GPO to the WebSrvOU
Restore-ADObject cmdlet

12. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Creating a data collector set that kick off a scritp that either move or delete files.
Deploy it by using Group Policy Software Installation method
Test-AppLockerPolicy

13. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Install and share a printer on a server and then enable printer pooling.
Properties of PSO need modified
Configure offline files and enable manual caching
Enable Credential Roaming

14. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Then use Windows Deployment Services (WDS) on DHCP1.
dnscmd

15. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement Shadow Copies
Share and Storage Management
Then use Windows BitLocker Drive Encryption

16. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
FILES option within Ntdsutil
Install and share a printer on a server and then enable printer pooling.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

17. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
Run the Delegation of Control Wizard on the Staff OU
File Server Resource Manager (FSRM) quotas and file screens
Set-ADServiceAccount cmdlet
Recommend Active Directory delegation

18. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Modify the schema of LDSInst1
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Attach VHD file created by Windows server backup

19. What should be done first to defragment the AD database?
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
PDC emulator with w32tm.exe
Configure caching on the shared folder (offline files)
Run net stop ntds

20. To prevent account password from being cached on RODC server...
Modify properties of RODC server computer account.
Distributed File System (DFS) Replication
Implement a GPO for each domain
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service

21. You need to allow a user to add a single computer to a domain - without any additional rights...
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Microsoft Desktop Optimization Pack (MDOP) to your company
Prestage the computer account in AD
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise

22. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Windows BitLocker Drive Encryption (Bit Locker)
Include a server that runs Microsoft Office SharePoint Server 2010
dnscmd tool
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

23. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Then configure auto enrollment of certificates and Credential Roaming.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

24. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Microsoft Application Virtualization (AppV)
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.

25. New password settings object (PSO) created and needs to be applied to user
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Enable - ADoptionalFeature cmdlet
Properties of PSO need modified
Implement Windows System Resource Manager (WSRM)

26. You have been tasked with backing up all the GPOs in the domain. The IT manager also wants you to minimize the size of the backup. You decide to use...
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
The Group Policy Management console
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

27. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Implement Windows System Resource Manager (WSRM) and configure user policies
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Incoming external trust
AD RMS

28. What shold be done to configure AD RMS so users can protect their data?
Offline domain join
Creating a data collector set that kick off a scritp that either move or delete files.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Create an e-mail account in AD DS for your RMS users

29. A specific application requires registry modifications to be in place before installing; you should use
A relying party trust should be created.
Group Policy Preferences
Enable Windows Remote Management (WinRM) on each server.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

30. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Create a MEDV workspace
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Configure an audit policy by editing the default domain policy and configure Event Forwarding

31. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Perform an authoritative restore
Create an Active Directory-Integrated zone.
Raise the DFL to Windows Server 2008 R2.
Microsoft Desktop Optimization Pack (MDOP) to your company

32. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Purchase one additional Enterprise License
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Run adprep /forestprep and adprep /domainprep
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.

33. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Dynamically expanding VHD's
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Assign the application to computers in the PC OU

34. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Get-ADUser cmdlet
Create a new Password Settings Object (PSO) for the IT users.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Passive file screens

35. The strongest form of NAP is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Dsmgmt
Create and deploy a logon script that runs Auditpol.
Domain based Distributed File System (DFS) will reduce network traffic

36. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Windows XP Mode
Enable Credential Roaming
FFL Windows Server 2008 R2

37. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

38. For the users that work remotely that need access to files from the corporate office you should...
An Active Directory subnet object needs to be created.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Deploy a failover cluster that contains one node in each office.
Recommend Offline Files

39. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

40. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Include a server that runs Microsoft Office SharePoint Server 2010
Backup operator's domain local group
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Implement Network Access Protection (NAP)

41. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
An Active Directory subnet object needs to be created.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Implement File Server Resource Manager (FSRM) quotas on the desired servers

42. To make deploying the custom Word dictionary easy
Get-ADUser cmdlet
Recommend Group Policy preferences
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Modify the schema of LDSInst1

43. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Domain based DFS namespace and configure a DFS replication group
Deploy the Root CA certificate to the external computers.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Windows Deployment Services (WDS)

44. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Install Windows Server Backup and modify the Windows firewall settings
Configure RODC for Administrator Role Separation
Configure authorization rules for Web developers on each web server
Authorization Manager role assignment

45. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Active Directory Users and Computers utility
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Use the Local Roles options with dsmgmt.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

46. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Basic Authentication and SSL
Recommend Group Policy preferences

47. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.

48. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Refresh the zone on DNS2
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Configure Audit Special Logon and define Special Groups

49. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Add the Windows Server Backup feature and Windows System Image recovery.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Domain based Distributed File System (DFS) will reduce network traffic

50. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Restore-ADObject cmdlet
Install Hyper-V role and convert physical machines into virtual machines
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

MSITP

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests