Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Configure block inheritance on the IT OU
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Configure Audit Special Logon and define Special Groups
Implement a domain-based DFS namespace that uses replication

2. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Offline domain join
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Dsmgmt

3. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Test-AppLockerPolicy
Implement GPO for all client computers
File Server Resource Manager (FSRM) quotas and file screens
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.

4. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
IIS Manager user account
Authorization Manager role assignment
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Site

5. The strongest form of NAP is
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Software Restriction Polices
Microsoft Desktop Optimization Pack (MDOP) to your company

6. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Install Hyper-V role and convert physical machines into virtual machines
Configure caching on the shared folder and configure offline files to use encryption
dsa.msc - dsamain.exe - ntdsutil.exe

7. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
IIS Manager user account
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Attach VHD file created by Windows server backup

8. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
FILES option within Ntdsutil
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

9. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Create a standard secondary of domain and create standard secondary of other domain.
Zone transfer settings
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
dnscmd

10. If you want to implement BitLocker and store recovery informaiton in a central location
FILES option within Ntdsutil
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Configure caching on the shared folder (offline files)
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent

11. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Then use Windows Deployment Services (WDS) on DHCP1.
Deploy Microsoft System Center Operations Manager (SCOM)
Authorization Manager role assignment
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

12. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Then install new Server 2008 R2 Enterprise subordinate CA.
Install Hyper-V role and convert physical machines into virtual machines

13. To create and additional AD LDS applicaiton directory partition in existing instance...
PowerShell 2.0
Ldp
Then use Windows Deployment Services (WDS)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)

14. All servers run 2008 R2 and all client computers run XP SP1. You need to deploy Distributed File System (DFS) to meet these: minimize cost; provide redundancy in the event a single server fails; ensure client computers reconnect to their preferred se
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
ntdsutil

15. UPN Suffix xxxx.com needs to be available for user accounts...
Add the new UPN Suffix to the forest
Authorization Manager role assignment
Then configure GlobalNames zones on each domain controller.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent

16. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Passive file screens
Set-ADServiceAccount cmdlet
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
DFL needs to be Windows Server 2008

17. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
Implement folder redirection by using GPO. Then backup the folder redirection target.
Implement Shadow Copies
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.

18. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Perform an authoritative restore
Refresh the zone on DNS2
Install Hyper-V role and convert physical machines into virtual machines

19. to protect file servers and hard disks that may be at risk of being accessed or stolen
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Implement Windows BitLocker Drive Encryption (BitLocker)
Ntdsutil
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.

20. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Microsoft Application Virtualization (AppV)
Group Policy Preferences
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Incoming external trust

21. You need to manage GPO to meet the following: allow administrators to view and edit the GPO in their own language; minimize number of GPOs deployed
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Ldp
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

22. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Administrative Role Separation
Modify zone transfer settings for company.com zone on DCA

23. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Run adprep /forestprep and adprep /domainprep
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.

24. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Recommend Offline Files
Ntfrsutil
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.

25. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Autonomous mode...This allows the local administrator to approve their own updates.
Active Directory Domains and Trusts
Recommend Group Policy preferences

26. GPO setting to prevent all users from running an application
Install the RSAT tool on their workstation to provide for more efficient network management
Implement Windows System Resource Manager (WSRM)
PDC emulator with w32tm.exe
Software Restriction Polices

27. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
IIS Chared Configuration
Purchase one additional Enterprise License
Ntfrsutil
Create an Active Directory-Integrated zone.

28. New Password Policy needs to be created for OU different from domain password policy
Attach VHD file created by Windows server backup
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.

29. Backup solutions for the files servers that support a robotic-based tape library must support the enterprise; you should recommend
Microsoft System Center Data Protection Manager
Configure Firewall Group Policies and link them at the Domain level
Authorization Manager
Network Load Balancing (NLB)

30. What shold be done to configure AD RMS so users can protect their data?
Data Recovery Agent
Deploy it by using Group Policy Software Installation method
Implement Shadow Copies
Create an e-mail account in AD DS for your RMS users

31. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Configure event log subscriptions
Domain based Distributed File System (DFS) will reduce network traffic
Event Log Subscriptions

32. What utility is used to see what accounts cached on RODC?
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Active Directory Users and Computers
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

33. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

34. To backup Virtual Machines
Windows System Resource Manager (WSRM)
dnscmd tool
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.

35. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
dsa.msc - dsamain.exe - ntdsutil.exe
Perform an authoritative restore
Back up to an external USB drive by using Windows Server Backup

36. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Dynamically expanding VHD's
Recommend Group Policy preferences
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Disable Site Link Bridging from the IP properties

37. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Add the new UPN Suffix to the forest
Incoming external trust
Modify the local policy to point to the Internal WSUS server
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

38. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Enable Credential Roaming
Create an e-mail account in AD DS for your RMS users.
Windows BitLocker Drive Encryption (Bit Locker)
Domain based Distributed File System (DFS) will reduce network traffic

39. To configure AD FS so tokens contain information from Active Directory domain...
New ACCOUNT STORE should be added and configured
Install Windows Server Backup and modify the Windows firewall settings
Deploy Microsoft System Center Operations Manager (SCOM)
WDS

40. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Win2000
Implement one LUN for the quorum and another LUN for the data
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.

41. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Create an Active Directory-Integrated zone.
Network Load Balancing (NLB) cluster
Dfsrdiag
Configure event log subscriptions

42. 2 ways to relocate user and computer accounts to different OUs
Properties of PSO need modified
Configure the zone as an Activde Directory-Integrated zone.
DSMOD - ADUC
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)

43. If CA PKI needs to support Suite B hashing and encryption algorithms and store keys in AD
Then install new Server 2008 R2 Enterprise subordinate CA.
Distributed File System (DFS) Replication
CAPublishGP group should have the Manage CA permission.
Incoming external trust

44. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Windows System Resource Manager (WSRM)
Use local roles options within "dsmgmt"
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Test-AppLockerPolicy

45. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Install Windows Server Backup and modify the Windows firewall settings
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Use the Local Roles options with dsmgmt.
Implement Windows System Resource Manager (WSRM) and configure user policies

46. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Assign the application to computers in the PC OU
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
File Server Resource Manager (FSRM) quotas and file screens

47. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
MEDV to deploy virtual desktops
802.1.x NAP
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.

48. to make shares at a remote location available to users you should implement this.
Event Viewer
Domain based Distributed File System (DFS) namespace and DFS Replication.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Printer driver isolation

49. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Windows BitLocker Drive Encryption (Bit Locker)
DSMOD - ADUC
Disable Site Link Bridging from IP Properties
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

50. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure RODC for Administrator Role Separation
Configure block inheritance on the IT OU
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

MSITP

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests