SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Active Directory Users and Computers utility
Implement GPO for all client computers
2. If you want to implement BitLocker and store recovery informaiton in a central location
Group Policy Preferences
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Service user account for AD LDS
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
3. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Configure event log subscriptions
DISABLE slow link detection in the GPO
Install the RSAT tool on their workstation to provide for more efficient network management
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
4. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Winrm quickconfig
Implement one LUN for the quorum and another LUN for the data
Use local roles options within "dsmgmt"
Deploy a failover cluster that contains one node in each office.
5. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
Configure block inheritance on the IT OU
802.1.x NAP
Create a MEDV workspace
6. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Implement GPO for all client computers
Dynamically expanding VHD's
Network Load Balancing (NLB)
From Server1 - run the Create Basic Task Wizard
7. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Implement the Windows Search Service.
Event Viewer
Use a GPO to configure device installation restrictions
Implement Windows System Resource Manager (WSRM)
8. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Then use on install image file that contains a single install image.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Passive file screens
Raise the DFL to Windows Server 2008 R2.
9. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
10. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Then use Windows BitLocker Drive Encryption
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Back up to an external USB drive by using Windows Server Backup
WDS
11. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Passive file screens
Subnet object needs to be created
AD Rights Management Services
12. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
WSUS server in the branch office in replica mode.
Perform an authoritative restore
Role Separation
Create an Active Directory-Integrated zone.
13. To allow connection to a 256 Kbps ISDN...
Create and deploy a logon script that runs Auditpol.
Back up to an external USB drive by using Windows Server Backup
Configure separate application pools for each application
DISABLE slow link detection in the GPO
14. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Configure RODC for Administrator Role Separation
Storage manager for SANs
AD Rights Management Services
15. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Windows XP Mode
Deploy it by using Group Policy Software Installation method
Data Recovery Agent
Windows BitLocker Drive Encryption (Bit Locker)
16. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Ensure your account - or the group is a member of the local Administrators group for that specific server.
17. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Install Windows Server Backup and modify the Windows firewall settings
Deploy Microsoft System Center Operations Manager (SCOM)
Event Log Subscriptions
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
18. If you need to minimize the bandwidth for installation
Then use Windows BitLocker Drive Encryption
Administrators is the minimum group membership required to complete this procedure.
Active Directory Domains and Trusts
Utilize IFM (Install From Media)
19. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Event Log Subscriptions
Purchase one additional Enterprise License
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Utilize IFM (Install From Media)
20. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Configure block inheritance on the IT OU
Add the new UPN suffix to the forest.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
21. What Function Level (FL) needs to be in place to enable AD Recycle Bin?
Use the Local Roles options with dsmgmt.
FFL Windows Server 2008 R2
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
22. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Add the user to the Domain Admins global group
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
23. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Administrative Role Separation
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Group Policy Preferences
Configure caching on the shared folder and configure offline files to use encryption
24. You need to implement read only copies of files at several locations. You currently have DFS for 2008 deployed. You should recommend this.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Upgrading DFS to Windows Server 2008 R2
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
PDC emulator with w32tm.exe
25. Jack and Jill go up the hill - both with a buck and a quarter
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Additional DFS Targets
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Jill came down with 2.50.
26. If users complain that it is hard to find the shared folders on the network implement
Configure Audit Special Logon and define Special Groups
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Additional DFS Targets
27. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Deploy a failover cluster that contains one node in each office.
Group Policy Preferences
28. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Modify the schema of LDSInst1
IIS Manager user account
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Modify the GPO to include folder redirection
29. What shold be done to configure AD RMS so users can protect their data?
Recommend GPT and basic disks
Active Directory Domains and Trusts
Create an e-mail account in AD DS for your RMS users
Enable Credential Roaming
30. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Configure caching on the shared folder and configure offline files to use encryption
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create a standard secondary of domain and create standard secondary of other domain.
31. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
32. To delegate authority to users to manage only certain areas in Hyper-V use the
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Win2000 Native
Authorization Manager role assignment
Set-ADServiceAccount cmdlet
33. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Utilize IFM (Install From Media)
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
34. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Windows Deployment Services (WDS)
Authorization Manager
Implement folder redirection by using GPO. Then backup the folder redirection target.
35. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Zone transfer settings
Deploy the Root CA certificate to the external computers.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
36. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Create an Active Directory-Integrated zone.
Assign the application to all client computers by using a GPO.
Share and Storage Management
37. Auditing the deletion of Registry keys on all Domain Controllers
Win2000 Native
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Deploy a failover cluster that uses Node and File Share Disk Majority
38. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Upgrading DFS to Windows Server 2008 R2
Deploy a failover cluster that uses Node and File Share Disk Majority
Recommend Active Directory delegation
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
39. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Active Directory Users and Computers utility
Create an Active Directory-Integrated zone.
FILES option within Ntdsutil
40. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Winrm quickconfig
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Then configure auto enrollment of certificates and Credential Roaming.
41. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Then configure GlobalNames zones on each domain controller.
The Group Policy Management console
Create a Central Store
Disable Site Link Bridging from IP Properties
42. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Modify the schema of LDSInst1
Enable - ADoptionalFeature cmdlet
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Administrative Role Separation
43. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Then configure auto enrollment of certificates and Credential Roaming.
Then use Windows BitLocker Drive Encryption
DSMOD - ADUC
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
44. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
ntdsutil
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Administrators is the minimum group membership required to complete this procedure.
Recommend GPT and basic disks
45. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Perform an authoritative restore
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Attach VHD file created by Windows server backup
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
46. To configure Administrator Role Separation for an RODC
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Use Netsh tool from administrator's computer.
Administrative Role Separation
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
47. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
From Server A - run Create Basic Task Wizard
Upgrading DFS to Windows Server 2008 R2
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
48. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
AD RMS
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
DSMOD - ADUC
50. To restore deleted user account from AD Recycle Bin...
Implement one LUN for the quorum and another LUN for the data
Recommend Offline Files
Restore-ADObject cmdlet
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
