SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To compact AD database...
FILES option within Ntdsutil
Active Directory snapshots and Tombstone reanimation
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
2. To add a server with AD FS 2.0 role to an existing AD FS farm...
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
A relying party trust should be created.
fsconfig on FSSrv2
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
3. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Execute the Set-ADServiceAccount cmdlet
Install the RSAT tool on their workstation to provide for more efficient network management
Repadmin
Incoming external trust
4. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Dynamically expanding VHD's
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Domain based Distributed File System (DFS) will reduce network traffic
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
5. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Disable Site Link Bridging from IP Properties
Configure the zone as an Activde Directory-Integrated zone.
Microsoft System Center Data Protection Manager
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
6. to make shares at a remote location available to users you should implement this.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Storage manager for SANs
Domain based Distributed File System (DFS) namespace and DFS Replication.
Zone transfer settings
7. To modify several user accounts to a new UPN suffix
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Recommend Group Policy preferences
Share and Storage Management
Active Directory Users and Computers utility
8. To allow for an application on a Remote Desktop Server to be available through document invocation - you must
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
AD RMS
9. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Windows System Resource Manager (WSRM)
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Authorization Manager role assignment
Then use Windows Deployment Services (WDS) on DHCP1.
10. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Incoming external trust
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Storage manager for SANs
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
11. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Include a server that runs Microsoft Office SharePoint Server 2010
Enable Windows Remote Management (WinRM) on the servers.
Modify zone transfer settings for company.com zone on DCA
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
12. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Configure authorization rules for Web developers on each web server
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
13. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Then use Windows Deployment Services (WDS)
Configure Audit Special Logon and define Special Groups
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
14. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Test-AppLockerPolicy
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
15. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Purchase one additional Enterprise License
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
16. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Recommend Offline Files
Create and deploy a logon script that runs Auditpol.
Perform an authoritative restore
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
17. To create and additional AD LDS applicaiton directory partition in existing instance...
Implement Shadow Copies
Ldp
Deploy a failover cluster that contains one node in each office.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
18. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Install Windows Server Backup and modify the Windows firewall settings
Create a Central Store
MEDV to deploy virtual desktops
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
19. To add a new UPN for all user accounts...
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
AD Domains and Trusts
802.1.x NAP
20. To create AD Domain Services snapshot
Ntdsutil
Active Directory Users and Computers
PowerShell 2.0
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
21. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
Network Load Balancing (NLB)
Certificate Templates
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
22. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Raise the DFL to Windows Server 2008 R2.
AD RMS
Attach VHD file created by Windows server backup
23. To restore deleted user account from AD Recycle Bin...
FFL Windows Server 2008 R2
dnscmd tool
Restore-ADObject cmdlet
Domain based Distributed File System (DFS) will reduce network traffic
24. What should be done to resolve names by using GlobalNames zone?
dnscmd
Improve the performance of File Servers
Enable - ADoptionalFeature cmdlet
dnscmd tool
25. If users complain that it is hard to find the shared folders on the network implement
Deploy it by using Group Policy Software Installation method
Additional DFS Targets
Certificate Templates
Jill came down with 2.50.
26. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
New ACCOUNT STORE should be added and configured
Test-AppLockerPolicy
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
WDS
27. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Raise the DFL to Windows Server 2008 R2.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Improve the performance of File Servers
28. If you need to ensure that data is protected by BitLocker then you will...
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
NOT be able to store that data on an iSCSI SAN
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Win2000 Native
29. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
WSUS server in the branch office in replica mode.
Then use Windows Deployment Services (WDS) on DHCP1.
Get-ADUser cmdlet
Offline domain join
30. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Administrative Role Separation
31. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Disable Site Link Bridging from IP Properties
Basic Authentication and SSL
Configure an audit policy by editing the default domain policy and configure Event Forwarding
32. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Dsmgmt
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Use local roles options within "dsmgmt"
33. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Create an e-mail account in AD DS for your RMS users.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
DFL needs to be Windows Server 2008
34. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
35. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Jill came down with 2.50.
Administrative Role Separation
36. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Deploy Microsoft System Center Operations Manager (SCOM)
Deploy a failover cluster that contains one node in each office.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Test-AppLockerPolicy
37. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Install From Media IFM
Then configure auto enrollment of certificates and Credential Roaming.
Add George to the Domain Admins group.
38. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Microsoft Application Virtualization (AppV)
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Implement Windows BitLocker Drive Encryption (BitLocker)
39. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
The Group Policy Management console
Use local roles options within "dsmgmt"
Configure the zone as an Activde Directory-Integrated zone.
40. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Configure event log subscriptions
Implement Windows System Resource Manager (WSRM) and configure user policies
Install and share a printer on a server and then enable printer pooling.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
41. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Domain based Distributed File System (DFS) will reduce network traffic
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Changed manually
42. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Prestage the computer account in AD
Modify the local policy to point to the Internal WSUS server
Active Directory Domains and Trusts
43. You are about to deploy a distributed database appliation that will run on multiple 2008 R2 servers. This deployment needs to follow these requirements: uses the existing network infrastructure; uses standard Windows management tools; allocates stora
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Assign the application to all client computers by using a GPO.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
44. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Disable Site Link Bridging from IP Properties
Zone transfer settings
Attach VHD file created by Windows server backup
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
45. Tool to change Directory Services Restore Mode password on Domain Controller...
ntdsutil
FILES option within Ntdsutil
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
46. To determine size of AD database file...
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
View properties of %systemroot%ntdsntds.dit
47. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Administrators is the minimum group membership required to complete this procedure.
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
48. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Install the RSAT tool on their workstation to provide for more efficient network management
Execute the Set-ADServiceAccount cmdlet
Dfsrdiag
49. You need a solution that meets policy while minimizing hardware and software costs
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Create a new Password Settings Object (PSO) for the IT users.
50. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Upgrading DFS to Windows Server 2008 R2
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Administrative Role Separation
AD RMS
