SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Ensure password length for a group set to 12 characters long while others keep password policy
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Dsmgmt
Use Netsh tool from administrator's computer.
2. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Create and deploy a logon script that runs Auditpol.
Implement the Windows Search Service.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
3. What should be done first to defragment the AD database?
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Install Hyper-V role and convert physical machines into virtual machines
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Run net stop ntds
4. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Ntfrsutil
Implement Windows BitLocker Drive Encryption (BitLocker)
5. You need to recommend a BitLocker recovery method you should recommend this.
Registry on users computer needs to be modified
Data Recovery Agent
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Configure Audit Special Logon and define Special Groups
6. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Microsoft System Center Data Protection Manager 2010
Then use Windows Deployment Services (WDS)
7. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Enable Credential Roaming
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Repadmin
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
8. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Implement Distributed File System Replication (DFSR) on both servers
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Modify the local policy to point to the Internal WSUS server
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
9. To join a server/PC outside of the domain to the network...
Attach VHD file created by Windows server backup
Your machine and remote desktops
djoin /requesteodj from internal server - djoin /provision from outside server/PC
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
10. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Recommend Active Directory delegation
11. Enables you to receive emails when domain users locked out of accounts...
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Configure caching on the shared folder and configure offline files to use encryption
Event Viewer
12. DFL is...
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create a Network Load Balancing cluster.
Autonomous mode...This allows the local administrator to approve their own updates.
Win2000 Native
13. With AppLocker settings - which Windows PowerShell cmdlet would be used to identify whether a specific application file is allowed to run on a computer?
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Test-AppLockerPolicy
Then configure GlobalNames zones on each domain controller.
14. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Add the Windows Server Backup feature and Windows System Image recovery.
Enable Credential Roaming
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
15. To modify several user accounts to a new UPN suffix
Create a Central Store
Create an Active Directory-Integrated zone.
Microsoft Application Virtualization (AppV)
Active Directory Users and Computers utility
16. To enable the AD Recycle Bin
Enable - ADoptionalFeature cmdlet
Authorization Manager
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Deploy Microsoft System Center Operations Manager (SCOM)
17. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
802.1.x NAP
Implement Windows System Resource Manager (WSRM) and configure user policies
Microsoft SharePoint Foundation 2010
Windows BitLocker Drive Encryption (Bit Locker)
18. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Create an Active Directory-Integrated zone.
Assign the application to computers in the PC OU
19. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Assign the application to computers in the PC OU
Enable Windows Remote Management (WinRM) on each server.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
20. In order for admins at a branch office to be able to change their passwords and logon if a single DC fails even if the WAN Link to the corporate office fails you shoud
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
21. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Changed manually
Zone transfer settings
22. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Administrators is the minimum group membership required to complete this procedure.
Disable Site Link Bridging from the IP properties
Deploy a GPO for the Sales OU
Modify zone transfer settings for company.com zone on DCA
23. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Purchase one additional Enterprise License
Configure authorization rules for Web developers on each web server
Raise the DFL to Windows Server 2008 R2.
Your machine and remote desktops
24. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Configure RODC for Administrator Role Separation
Deploy it by using Group Policy Software Installation method
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
25. What shold be done to configure AD RMS so users can protect their data?
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Create an e-mail account in AD DS for your RMS users
Use CISCO IP Helper command to configure.
26. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
Restore-ADObject cmdlet
Recommend Offline Files
An Active Directory subnet object needs to be created.
Implement Windows System Resource Manager (WSRM)
27. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Microsoft Application Virtualization (AppV)
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Deploy Microsoft System Center Operations Manager (SCOM)
28. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Create an Active Directory-Integrated zone.
Then use on install image file that contains a single install image.
FILES option within Ntdsutil
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
29. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Active Directory snapshots and Tombstone reanimation
Additional DFS Targets
Domain based Distributed File System (DFS) will reduce network traffic
30. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
Administrators is the minimum group membership required to complete this procedure.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement Windows BitLocker Drive Encryption (BitLocker)
31. To backup GPO's in domain and minimize bakcup...
Incoming external trust
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
The Group Policy Management Console
Folder redirection. Folder redirection is also useful when using roamin profiles.
32. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure block inheritance on the IT OU
Implement Shadow Copies
Create a standard secondary of domain and create standard secondary of other domain.
33. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Passive file screens
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
The Group Policy Management console
34. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Use the Local Roles options with dsmgmt.
Create an e-mail account in AD DS for your RMS users.
From Server1 - run the Create Basic Task Wizard
Import-Module
35. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Attach VHD file created by Windows server backup
Configure an audit policy by editing the default domain policy and configure Event Forwarding
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Set-ADServiceAccount cmdlet
36. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Restore-ADObject cmdlet
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Improve the performance of File Servers
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
37. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Service user account for AD LDS
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Group Policy Preferences
Ntdsutil
38. To ensure that recovery is possible if a file on a file server is deleted accidentally
Prestage the computer account in AD
Implement Shadow Copies
Passive file screens
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
39. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Active Directory Domains and Trusts
Implement one LUN for the quorum and another LUN for the data
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
40. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Add George to the Domain Admins group.
Software Restriction Polices
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Add the new UPN Suffix to the forest
41. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
42. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Basic Authentication and SSL
Set-ADServiceAccount cmdlet
Implement Network Access Protection (NAP)
FFL Windows Server 2008 R2
43. Your company recently created a corporate web site using their own internal developers. Recently your CIO has decided that it would be best that some of the work be done by an outside contractor - and to allow that contractor to only the specific sec
Use Netsh tool from administrator's computer.
View properties of %systemroot%ntdsntds.dit
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
IIS Manager user account
44. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Windows XP Mode
Disable Site Link Bridging from IP Properties
Configure authorization rules for Web developers on each web server
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
45. To allow a user to administer Active Directory
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Add the user to the Domain Admins global group
Assign the application to all client computers by using a GPO.
46. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
CAPublishGP group should have the Manage CA permission.
An Active Directory subnet object needs to be created.
NOT be able to store that data on an iSCSI SAN
Add the user to the Domain Admins global group
47. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
Deploy a GPO for the Sales OU
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Autonomous mode...This allows the local administrator to approve their own updates.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
48. If you need to be able to create shared folders on Server 2008 R2
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Event Log Subscriptions
49. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Increase the tombstone lifetime for the forest.
50. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Test-AppLockerPolicy
Offline domain join
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure caching on the shared folder and configure offline files to use encryption
