Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Implement a GPO for each domain
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Configure RODC for Administrator Role Separation
Implement a domain-based DFS namespace that uses replication

2. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Passive file screens
Changed manually
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Zone transfer settings

3. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Active Directory Users and Computers utility
Encrypting File System (EFS). This can be enabled locally or through a GPO.
FILES option within Ntdsutil
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

4. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Ldp
Then use Windows Deployment Services (WDS)
Event Log Subscriptions

5. When recommending a monitoring solution for an application so that it's events can be stored in a central
Event Subscriptions
Implement Distributed File System Replication (DFSR) on both servers
FILES option within Ntdsutil
Then configure GlobalNames zones on each domain controller.

6. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Authorization Manager
Create an e-mail account in AD DS for your RMS users.
Implement Distributed File System Replication (DFSR) on both servers
WDS

7. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Perform an authoritative restore
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Modify the schema of LDSInst1
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

8. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
Create an e-mail account in AD DS for your RMS users.
Install and share a printer on a server and then enable printer pooling.
Modify zone transfer settings for company.com zone on DCA
Printer driver isolation

9. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Enable Credential Roaming
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Disable Site Link Bridging from IP Properties
Back up to an external USB drive by using Windows Server Backup

10. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Administrators is the minimum group membership required to complete this procedure.
Ldp

11. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Then configure auto enrollment of certificates and Credential Roaming.
MEDV to deploy virtual desktops
Create a Network Load Balancing cluster.
Add the new UPN suffix to the forest.

12. You need to allow a user to add a single computer to a domain - without any additional rights...
Prestage the computer account in AD
Backup operator's domain local group
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Create a MEDV workspace

13. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Implement one LUN for the quorum and another LUN for the data
Perform an authoritative restore
Deploy a failover cluster that uses Node and File Share Disk Majority

14. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
IIS Manager user account
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Then configure GlobalNames zones on each domain controller.
Registry on users computer needs to be modified

15. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Deploy it by using Group Policy Software Installation method
Recommend Active Directory delegation
Ntdsutil
DFL needs to be Windows Server 2008

16. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

17. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Active Directory Domains and Trusts
Test-AppLockerPolicy
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files

18. GPO setting to prevent all users from running an application
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Recommend GPT and basic disks
Software Restriction Polices

19. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Deploy a failover cluster that contains one node in each office.
Create a MEDV workspace
Recommend Active Directory delegation

20. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Configure Audit Special Logon and define Special Groups
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Network Load Balancing (NLB) cluster

21. to make shares at a remote location available to users you should implement this.
Event Log Subscriptions
Group Policy Preferences
Domain based Distributed File System (DFS) namespace and DFS Replication.
ntdsutil

22. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Create a MEDV workspace
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Configure caching on the shared folder (offline files)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

23. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Deploy it by using Group Policy Software Installation method
Configure separate application pools for each application
Changed manually

24. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Set-ADServiceAccount cmdlet
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Winrm quickconfig

25. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Domain based DFS namespace and configure a DFS replication group
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Modify zone transfer settings for company.com zone on DCA

26. If you need to ensure that data is protected by BitLocker then you will...
NOT be able to store that data on an iSCSI SAN
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Network Load Balancing (NLB) cluster

27. An external partner plan requires the following: prevent sensitive documents from being forwarded to untrusted recipients or from being printed; allow users in the external partner organization to access the protected content to which they have been
Perform an authoritative restore
Win2000 Native
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.

28. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Group Policy Preferences

29. Tools to view contents of an OU in an AD snapshot...
dnscmd
dsa.msc - dsamain.exe - ntdsutil.exe
Assign the application to computers in the PC OU
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files

30. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
FILES option within Ntdsutil
Create a Network Load Balancing cluster.
ntdsutil
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

31. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Implement one LUN for the quorum and another LUN for the data
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
WDS

32. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
PDC emulator with w32tm.exe
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Add the Windows Server Backup feature and Windows System Image recovery.
Implement one LUN for the quorum and another LUN for the data

33. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
New ACCOUNT STORE should be added and configured
Administrative Role Separation
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology

34. When deploying an application using the Group Policy distribution method assign the...
Certificate Templates
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Properties of PSO need modified
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

35. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Implement Network Access Protection (NAP)
Event Viewer
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Microsoft System Center Data Protection Manager

36. 4 steps to perform offline Defragmentation of AD database...
Additional DFS Targets
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Assign the application to all client computers by using a GPO.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.

37. To configure Administrator Role Separation for an RODC
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Deploy a GPO for the Sales OU
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP

38. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Repadmin
A relying party trust should be created.
DSMOD
dnscmd tool

39. If you want to allow single-label name resolution
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Import-Module
Then configure GlobalNames zones on each domain controller.

40. For the users that work remotely that need access to files from the corporate office you should...
Enable Windows Remote Management (WinRM) on each server.
Recommend Offline Files
Deploy it by using Group Policy Software Installation method
Use Netsh tool from administrator's computer.

41. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Modify zone transfer settings for company.com zone on DCA
Group Policy Preferences
Recommend GPT and basic disks
Event Viewer

42. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
Run adprep /forestprep and adprep /domainprep
Active Directory Users and Computers utility
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Then use Windows BitLocker Drive Encryption

43. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Implement Windows System Resource Manager (WSRM)
Configure Audit Special Logon and define Special Groups
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

44. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Active Directory Users and Computers
Create a standard secondary of domain and create standard secondary of other domain.

45. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
MEDV to deploy virtual desktops
Upgrading DFS to Windows Server 2008 R2
Data Recovery Agent
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.

46. To delegate authority to users to manage only certain areas in Hyper-V use the
Certificate Templates
Install and share a printer on a server and then enable printer pooling.
Passive file screens
Authorization Manager role assignment

47. To backup GPO's in domain and minimize bakcup...
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
The Group Policy Management Console
Get-ADUser cmdlet

48. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
Windows XP Mode
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Create an e-mail account in AD DS for your RMS users.
Run auditpol and then configure the Security settings of the Domain Controllers OU.

49. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Enable Windows Remote Management (WinRM) on the servers.
Modify the GPO to include folder redirection
Create a new Password Settings Object (PSO) for the IT users.

50. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Configure folder redirection
Authorization Manager
Dynamically expanding VHD's