Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. To ensure that recovery is possible if a file on a file server is deleted accidentally
Implement Shadow Copies
Then configure GlobalNames zones on each domain controller.
Domain based DFS namespace and configure a DFS replication group
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

2. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
AD RMS
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Implement File Server Resource Manager (FSRM) quotas on the desired servers

3. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Implement Network Access Protection (NAP) that uses 802.1x enforcement
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Domain based Distributed File System (DFS) will reduce network traffic

4. You need a solution that meets policy while minimizing hardware and software costs
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Share and Storage Management
Create an e-mail account in AD DS for your RMS users
Create a new Password Settings Object (PSO) for the IT users.

5. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Attach VHD file created by Windows server backup
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

6. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Attach VHD file created by Windows server backup
The Group Policy Management Console
Purchase one additional Enterprise License
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.

7. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Purchase one additional Enterprise License
Modify properties of RODC server computer account.
Configure caching on the shared folder and configure offline files to use encryption
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

8. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Install and share a printer on a server and then enable printer pooling.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)

9. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Windows BitLocker Drive Encryption (Bit Locker)
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
DFL needs to be Windows Server 2008
From Server1 - run the Create Basic Task Wizard

10. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
AD Domains and Trusts
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Microsoft Desktop Optimization Pack (MDOP)
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

11. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
An Active Directory subnet object needs to be created.
Disable Site Link Bridging from IP Properties
Add George to the Domain Admins group.
Microsoft Desktop Optimization Pack (MDOP) to your company

12. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Use a GPO to configure device installation restrictions
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.

13. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Zone transfer settings
Dfsrdiag
Raise the DFL to Windows Server 2008 R2.

14. If you want to allow single-label name resolution
Authorization Manager role assignment
Then configure GlobalNames zones on each domain controller.
Repadmin
PDC emulator with w32tm.exe

15. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Repadmin
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Event Log Subscriptions
Certificate Templates

16. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Dsmgmt
Run the Delegation of Control Wizard on the Staff OU

17. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Install Hyper-V role and convert physical machines into virtual machines
Increase the tombstone lifetime for the forest.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Jill came down with 2.50.

18. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Then use on install image file that contains a single install image.

19. 4 steps to perform offline Defragmentation of AD database...
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Creating a data collector set that kick off a scritp that either move or delete files.
Recommend Active Directory delegation
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service

20. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
dsa.msc - dsamain.exe - ntdsutil.exe
Modify the schema of LDSInst1
Enable Windows Remote Management (WinRM) on the servers.
Active Directory Domains and Trusts

21. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Create a new Password Settings Object (PSO) for the IT users.
Use a GPO to configure device installation restrictions
Windows XP Mode

22. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Domain based Distributed File System (DFS) will reduce network traffic
FILES option within Ntdsutil
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

23. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Offline domain join
Utilize IFM (Install From Media)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)

24. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
IIS Chared Configuration
Folder redirection. Folder redirection is also useful when using roamin profiles.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Raise the DFL to Windows Server 2008 R2.

25. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Install the RSAT tool on their workstation to provide for more efficient network management
Ensure your account - or the group is a member of the local Administrators group for that specific server.

26. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Dfsrdiag
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Deploy it by using Group Policy Software Installation method
Windows System Resource Manager (WSRM)

27. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Deploy a failover cluster that contains one node in each office.
Implement Network Access Protection (NAP)
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Create an e-mail account in AD DS for your RMS users.

28. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
A Distributed File System (DFS) namespace
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
PowerShell 2.0

29. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Implement Network Access Protection (NAP)
Domain based Distributed File System (DFS) will reduce network traffic
Event Viewer
Autonomous mode...This allows the local administrator to approve their own updates.

30. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
PDC emulator with w32tm.exe
Additional DFS Targets
File Server Resource Manager (FSRM) quotas and file screens
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

31. Need to ensure users receive updated template within five days...
Microsoft Desktop Optimization Pack (MDOP) to your company
DSMOD - ADUC
Windows Server 2003
Registry on users computer needs to be modified

32. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Perform an authoritative restore
Refresh the zone on DNS2
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

33. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Add the Windows Server Backup feature and Windows System Image recovery.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Implement a domain-based DFS namespace that uses replication

34. To allow a user to administer Active Directory
Enable Windows Remote Management (WinRM) on each server.
From Server A - run Create Basic Task Wizard
Windows XP Mode
Add the user to the Domain Admins global group

35. FFL is...
Then install new Server 2008 R2 Enterprise subordinate CA.
Incoming external trust
Win2000
Configure separate application pools for each application

36. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Modify zone transfer settings for company.com zone on DCA
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Use local roles options within "dsmgmt"

37. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
WDS
Distributed File System (DFS) Replication
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
DISABLE slow link detection in the GPO

38. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Dsmgmt
Incoming external trust
Implement the Windows Search Service.

39. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
A relying party trust should be created.
Modify zone transfer settings for company.com zone on DCA
Dfsrdiag

40. If you want to implement BitLocker and store recovery informaiton in a central location
Modify the GPO to include folder redirection
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
File Server Resource Manager (FSRM) quotas and file screens

41. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

42. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Administrators is the minimum group membership required to complete this procedure.
Software Restriction Polices
Modify the local policy to point to the Internal WSUS server
Configure caching on the shared folder (offline files)

43. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

44. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
Implement a Remote Desktop Connection Broker (RD Connection Broker)
MEDV to deploy virtual desktops
Enable Windows Remote Management (WinRM) on each server.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.

45. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Implement the Windows Search Service.
Create a MEDV workspace
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Modify the schema of LDSInst1

46. To modify several user accounts to a new UPN suffix
Add the new UPN suffix to the forest.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Active Directory Users and Computers utility
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.

47. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
CAPublishGP group should have the Manage CA permission.
Recommend Active Directory delegation
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Offline domain join

48. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Disable Site Link Bridging from IP Properties
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
CAPublishGP group should have the Manage CA permission.

49. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
Deploy Microsoft System Center Operations Manager (SCOM)
Repadmin

50. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Raise the DFL to Windows Server 2008 R2.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Include a server that runs Microsoft Office SharePoint Server 2010
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie