SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Domain.com recently deployed several Windows Server 2008 R2 file servers. You recently have had a problem with the file server in the sales department. On a regular basis the hard drive on the file server reaches capcity. You have to routinely perfor
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Event Viewer
Windows Server 2003
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
2. PowerShell script to create user accounts with passwords from a file called password.csv
WSUS server in the branch office in replica mode.
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Domain based Distributed File System (DFS) will reduce network traffic
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
3. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
Configure Audit Special Logon and define Special Groups
Microsoft Application Virtualization (AppV)
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
4. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. You need a solution that meets policy while minimizing hardware and software costs
Create a new Password Settings Object (PSO) for the IT users.
Windows BitLocker Drive Encryption (Bit Locker)
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Implement Network Access Protection (NAP)
6. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Back up to an external USB drive by using Windows Server Backup
PDC emulator with w32tm.exe
An Active Directory subnet object needs to be created.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
7. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Configure Audit Special Logon and define Special Groups
Event Viewer
DSMOD
8. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
From Server1 - run the Create Basic Task Wizard
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Zone transfer settings
Implement Windows BitLocker Drive Encryption (BitLocker)
9. When one needs to audit files - folders - printers and the registry enable
Refresh the zone on DNS2
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
FILES option within Ntdsutil
10. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Upgrading DFS to Windows Server 2008 R2
Improve the performance of File Servers
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
11. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Event Log Subscriptions
Configure Firewall Group Policies and link them at the Domain level
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
12. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Implement Windows BitLocker Drive Encryption (BitLocker)
Modify zone transfer settings for company.com zone on DCA
Then configure auto enrollment of certificates and Credential Roaming.
Use local roles options within "dsmgmt"
13. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Configure offline files and enable manual caching
Administrators is the minimum group membership required to complete this procedure.
14. In order to manage websites without having to logon you can use
PDC emulator with w32tm.exe
PowerShell 2.0
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Ntdsutil
15. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Prestage the computer account in AD
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Certificate Templates
Create an Active Directory-Integrated zone.
16. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Then use Windows Deployment Services (WDS)
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Dfsrdiag
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
17. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Then use on install image file that contains a single install image.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
DFL needs to be Windows Server 2008
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
18. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Implement Distributed File System Replication (DFSR) on both servers
Role Separation
Use a GPO to configure device installation restrictions
Event Subscriptions
19. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Win2000 Native
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
FILES option within Ntdsutil
Deploy a failover cluster that contains one node in each office.
20. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Group Policy Preferences
Disable Site Link Bridging from the IP properties
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Raise the DFL to Windows Server 2008 R2.
21. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
The Group Policy Management Console
Modify the GPO to include folder redirection
FFL Windows Server 2008 R2
22. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Repadmin
Microsoft SharePoint Foundation 2010
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Assign the application to all client computers by using a GPO.
23. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Run adprep /forestprep and adprep /domainprep
Autonomous mode...This allows the local administrator to approve their own updates.
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
24. New password settings object (PSO) created and needs to be applied to user
Domain based Distributed File System (DFS) will reduce network traffic
Active Directory Users and Computers
Properties of PSO need modified
AD RMS
25. to protect file servers and hard disks that may be at risk of being accessed or stolen
Administrative Role Separation
Implement Windows BitLocker Drive Encryption (BitLocker)
AD RMS
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
26. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Winrm quickconfig
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
27. To be able to user an application from one AD FS with authentication server to another...
Microsoft SharePoint Foundation 2010
A relying party trust should be created.
Import-Module
Refresh the zone on DNS2
28. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
PDC emulator with w32tm.exe
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Microsoft Desktop Optimization Pack (MDOP) to your company
29. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Include a server that runs Microsoft Office SharePoint Server 2010
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
dnscmd tool
30. You need to deploy a sales application that only the sales users must have access to
Add the Windows Server Backup feature and Windows System Image recovery.
Deploy a GPO for the Sales OU
Ntdsutil
Discover the run Microsoft Baseline Security Analyzer (MBSA)
31. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Win2000
Create a Network Load Balancing cluster.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
32. If subnets are connected by CISCO router that is RFC-1542 compliant
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Use CISCO IP Helper command to configure.
Implement Shadow Copies
dnscmd
33. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Service user account for AD LDS
Deploy a failover cluster that uses Node and File Share Disk Majority
34. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Deploy a failover cluster that uses Node and File Share Disk Majority
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
35. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
From Server A - run Create Basic Task Wizard
36. To backup Virtual Machines
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Active Directory Users and Computers utility
Dfsrdiag
37. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Add-ADFineGrainedPasswordPolicySubject cmdlet
Then configure auto enrollment of certificates and Credential Roaming.
Configure Firewall Group Policies and link them at the Domain level
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
38. If you need to encrypt all data on all disks
Create an e-mail account in AD DS for your RMS users.
Then use Windows BitLocker Drive Encryption
Share and Storage Management
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
39. The Computer Management snap-in allows you to create shares both on...
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Your machine and remote desktops
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
40. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Raise the DFL to Windows Server 2008 R2.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
41. If you want to implement BitLocker and store recovery informaiton in a central location
Configure the zone as an Activde Directory-Integrated zone.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
A relying party trust should be created.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
42. You have several Windows 2000 Servers that have a custom application installed. However - the apps are incompatible with each other and with Windows Server 2008 R2 - but they consume less than 10% of system resources. There is a policy that states al
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Creating a data collector set that kick off a scritp that either move or delete files.
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
43. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
dsa.msc - dsamain.exe - ntdsutil.exe
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Add George to the Domain Admins group.
Active Directory Right Management Services (AD RMS)
44. Domain.com's network consists of a single forest and a single domain - all Domain Controllers - Servers and Remote Desktop Services servers are now 2008 R2. All clients are Windows 7. You need to deploy a new CRM Applicaiton to the sales team. You mu
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
A Distributed File System (DFS) namespace
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
45. New Password Policy needs to be created for OU different from domain password policy
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Dynamically expanding VHD's
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Windows System Resource Manager (WSRM)
46. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Run adprep /forestprep and adprep /domainprep
47. GPO setting to prevent all users from running an application
Configure separate application pools for each application
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Deploy a failover cluster that contains one node in each office.
Software Restriction Polices
48. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
View properties of %systemroot%ntdsntds.dit
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
49. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Implement the Windows Search Service.
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Create an Active Directory-Integrated zone.
50. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Storage manager for SANs
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.