Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
MEDV to deploy virtual desktops
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Then use on install image file that contains a single install image.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in

2. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Configure caching on the shared folder and configure offline files to use encryption
Run adprep /forestprep and adprep /domainprep
Configure offline files and enable manual caching
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise

3. To ensure IT Help Desk Users can create GPOs in the domain and give them a GPO that contains preconfigured settings that will be used to create new GPOs -
Deploy a GPO for the Sales OU
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Enable Windows Remote Management (WinRM) on each server.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

4. To restore deleted user account from AD Recycle Bin...
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Passive file screens
Restore-ADObject cmdlet
AD Rights Management Services

5. To allow a specifc user or group to manage the address information for the user accounts...
Deploy it by using Group Policy Software Installation method
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
dnscmd tool
Recommend Active Directory delegation

6. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Role Separation

7. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Configure an audit policy by editing the default domain policy and configure Event Forwarding
DISABLE slow link detection in the GPO
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Dsmgmt

8. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Test-AppLockerPolicy
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Configure caching on the shared folder and configure offline files to use encryption
Create ADMX and ADML files. Configure the GPO and link it to the domain.

9. Need to access some resources in another domain that is part of another forest...What trust is created?
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Incoming external trust
Configure RODC for Administrator Role Separation

10. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Microsoft SharePoint Foundation 2010
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Run adprep /forestprep and adprep /domainprep
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.

11. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Dfsrdiag
A relying party trust should be created.
Deploy a failover cluster that uses Node and File Share Disk Majority

12. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Changed manually
Repadmin

13. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Modify properties of RODC server computer account.
Import-Module
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.

14. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Run the Delegation of Control Wizard on the Staff OU
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.

15. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Win2000
Install the RSAT tool on their workstation to provide for more efficient network management
Role Separation
The Group Policy Management console

16. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Create and deploy a logon script that runs Auditpol.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Implement GPO for all client computers

17. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Raise the DFL to Windows Server 2008 R2.
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Configure the zone as an Activde Directory-Integrated zone.

18. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

19. To recover objects deleted from Active Directory you should recommend
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Active Directory snapshots and Tombstone reanimation
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Raise the DFL to Windows Server 2008 R2.

20. Requirements are: support the installation of SQL Server 2008; Provide redundancy for SQL services if a single server fails. To accomplish this
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Run auditpol and then configure the Security settings of the Domain Controllers OU.

21. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Authorization Manager role assignment

22. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Incoming external trust
Install Hyper-V role and convert physical machines into virtual machines
Implement one LUN for the quorum and another LUN for the data

23. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Create a MEDV workspace
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

24. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

25. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
Implement GPO for all client computers
Use CISCO IP Helper command to configure.
A Distributed File System (DFS) namespace
Modify properties of RODC server computer account.

26. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
AD Rights Management Services
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

27. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Create and deploy a logon script that runs Auditpol.
Event Viewer
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Disable Site Link Bridging from IP Properties

28. If you need to encrypt all data on all disks
Incoming external trust
net stop ntds
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Then use Windows BitLocker Drive Encryption

29. File that contains the last logon time and custom attributes values for each user in your forest.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Configure event log subscriptions
PDC emulator with w32tm.exe
Get-ADUser cmdlet

30. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Modify the schema of LDSInst1

31. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
DSMOD
Microsoft SharePoint Foundation 2010
Printer driver isolation
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

32. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Implement a domain-based DFS namespace that uses replication

33. If users complain that it is hard to find the shared folders on the network implement
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Additional DFS Targets

34. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Passive file screens
Offline domain join
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
The Group Policy Management Console

35. 4 steps to perform offline Defragmentation of AD database...
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Modify zone transfer settings for company.com zone on DCA
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Active Directory Users and Computers utility

36. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
Dsmgmt
FFL Windows Server 2008 R2
From Server1 - run the Create Basic Task Wizard

37. What should be done to resolve names by using GlobalNames zone?
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
View properties of %systemroot%ntdsntds.dit
dnscmd tool
Windows System Resource Manager (WSRM)

38. In order to ensure highly available Windows Update servers you should create this.
Event Viewer
Group Policy Preferences
Use CISCO IP Helper command to configure.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.

39. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Run net stop ntds
Storage manager for SANs
Microsoft Application Virtualization (AppV)

40. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

41. GPO setting to prevent all users from running an application
Software Restriction Polices
Implement one LUN for the quorum and another LUN for the data
Back up to an external USB drive by using Windows Server Backup
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.

42. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Increase the tombstone lifetime for the forest.
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
IIS Chared Configuration
Install the RSAT tool on their workstation to provide for more efficient network management

43. To deploy templates across the organization
File Server Resource Manager (FSRM) quotas and file screens
Back up to an external USB drive by using Windows Server Backup
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

44. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Microsoft System Center Data Protection Manager 2010
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
WSUS server in the branch office in replica mode.

45. When deploying an application using the Group Policy distribution method assign the...
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Assign the application to computers in the PC OU
Properties of PSO need modified
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

46. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

47. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Modify the schema of LDSInst1
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Network Load Balancing (NLB) cluster

48. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

49. To defragment and AD database...
net stop ntds
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Refresh the zone on DNS2

50. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Event Log Subscriptions
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Jill came down with 2.50.