SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Basic Authentication and SSL
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
2. To protect all computers on the network from unwanted access and to ensure a consistent configuration
net stop ntds
Configure Firewall Group Policies and link them at the Domain level
WDS
CAPublishGP group should have the Manage CA permission.
3. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Create and deploy a logon script that runs Auditpol.
Disable Site Link Bridging from the IP properties
Configure offline files and enable manual caching
Add-ADFineGrainedPasswordPolicySubject cmdlet
4. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Disable Site Link Bridging from the IP properties
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
5. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Domain based Distributed File System (DFS) will reduce network traffic
Site
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
6. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
DSMOD
7. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Configure separate application pools for each application
Windows BitLocker Drive Encryption (Bit Locker)
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
8. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Improve the performance of File Servers
dsa.msc - dsamain.exe - ntdsutil.exe
Folder redirection. Folder redirection is also useful when using roamin profiles.
IIS Chared Configuration
9. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Registry on users computer needs to be modified
10. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
The Group Policy Management Console
Raise the DFL to Windows Server 2008 R2.
11. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Use local roles options within "dsmgmt"
Configure Firewall Group Policies and link them at the Domain level
12. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
WSUS server in the branch office in replica mode.
Windows XP Mode
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
13. To compact AD database...
FILES option within Ntdsutil
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Assign the application to all client computers by using a GPO.
Then use Windows Deployment Services (WDS) on DHCP1.
14. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create a Network Load Balancing cluster.
Run the Delegation of Control Wizard on the Staff OU
Offline domain join
15. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
16. If you need to ensure that data is protected by BitLocker then you will...
Active Directory snapshots and Tombstone reanimation
NOT be able to store that data on an iSCSI SAN
Attach VHD file created by Windows server backup
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
17. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Raise the DFL to Windows Server 2008 R2.
Upgrading DFS to Windows Server 2008 R2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Deploy the Root CA certificate to the external computers.
18. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Implement folder redirection by using GPO. Then backup the folder redirection target.
Registry on users computer needs to be modified
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
19. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Event Subscriptions
Active Directory Right Management Services (AD RMS)
Recommend Group Policy preferences
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
20. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Improve the performance of File Servers
Dfsrdiag
WDS
Create an Active Directory-Integrated zone.
21. Your company IP scheme uses both IPv4 and IPv6. You have a main and branch office. In the branch office you are using PC1. PC1 is now only using IPv6. You noticed that PC1 no longer authenticates off the DC that is in the branch office. What should b
Add George to the Domain Admins group.
Dfsrdiag
Purchase one additional Enterprise License
An Active Directory subnet object needs to be created.
22. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Install and share a printer on a server and then enable printer pooling.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Changed manually
Dynamically expanding VHD's
23. You need to recommend a BitLocker recovery method you should recommend this.
Implement Windows System Resource Manager (WSRM)
Group Policy Preferences
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Data Recovery Agent
24. If you need to be able to create shared folders on Server 2008 R2
Active Directory Right Management Services (AD RMS)
A relying party trust should be created.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
25. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
DFL needs to be Windows Server 2008
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
WSUS server in the branch office in replica mode.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
26. George needs to administer a read-only domain controller named Server1 - but to do this with minimal permissions assigned to him. What tool should be used for this daunting task?
Implement a domain-based DFS namespace that uses replication
Offline domain join
Dsmgmt
Implement GPO for all client computers
27. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
28. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Purchase one additional Enterprise License
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Additional DFS Targets
AD Rights Management Services
29. You need to plan for the delegation of administrative authority for an OU in your AD named Staff. It should: allow help desk admins to create user accounts in the Staff OU; allow helpdesk admins to change the address attributes; prevent HelpDesk admi
Configure block inheritance on the IT OU
DFL needs to be Windows Server 2008
Run the Delegation of Control Wizard on the Staff OU
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
30. DFL is Windows Server 2003 and client computers run Vista. DCRMS is a server that holds AD RMS. What should be done to configure AD RMS so users - including Waldo - can protect their data?
DSMOD
DSMOD - ADUC
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Create an e-mail account in AD DS for your RMS users.
31. To backup to tape/robotic tape and to backup VMs you must use...
Assign the application to computers in the PC OU
Active Directory Right Management Services (AD RMS)
Event Subscriptions
Microsoft System Center Data Protection Manager 2010
32. If you need to encrypt all data on all disks
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Network Load Balancing (NLB)
Domain based DFS namespace and configure a DFS replication group
Then use Windows BitLocker Drive Encryption
33. DFL is...
Implement Network Access Protection (NAP)
Win2000 Native
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Configure folder redirection
34. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Recommend Offline Files
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Use local roles options within "dsmgmt"
From Server A - run Create Basic Task Wizard
35. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
A Distributed File System (DFS) namespace
Distributed File System (DFS) Replication
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Windows Deployment Services (WDS)
36. Tools to view contents of an OU in an AD snapshot...
dsa.msc - dsamain.exe - ntdsutil.exe
Zone transfer settings
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Install From Media IFM
37. The Computer Management snap-in allows you to create shares both on...
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
fsconfig on FSSrv2
Your machine and remote desktops
IIS Manager user account
38. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
DSMOD
39. You need a solution that meets policy while minimizing hardware and software costs
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Create an e-mail account in AD DS for your RMS users
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Create a new Password Settings Object (PSO) for the IT users.
40. What shold be done to configure AD RMS so users can protect their data?
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Utilize IFM (Install From Media)
From Server1 - run the Create Basic Task Wizard
Create an e-mail account in AD DS for your RMS users
41. What should be done first to defragment the AD database?
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Run net stop ntds
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
42. Capture all replication errors from all your DCs to a central location...
802.1.x NAP
Utilize IFM (Install From Media)
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Configure event log subscriptions
43. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Multipath I/O feature
Configure caching on the shared folder (offline files)
Configure an audit policy by editing the default domain policy and configure Event Forwarding
44. You need to relocate an AD LDS instance from C: Drive to D: Drive
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
DISABLE slow link detection in the GPO
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
45. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Backup operator's domain local group
Implement Shadow Copies
Deploy a failover cluster that contains one node in each office.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
46. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Active Directory Right Management Services (AD RMS)
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Implement Network Access Protection (NAP)
47. If a file server reaches 15% free disk space - you could free up some disk space by
Enable Windows Remote Management (WinRM) on the servers.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Creating a data collector set that kick off a scritp that either move or delete files.
48. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Microsoft Application Virtualization (AppV)
Import-Module
An Active Directory subnet object needs to be created.
49. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Offline domain join
Then use on install image file that contains a single install image.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
50. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Configure Firewall Group Policies and link them at the Domain level
Create a new Password Settings Object (PSO) for the IT users.
