Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
File Server Resource Manager (FSRM) quotas and file screens
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Configure Firewall Group Policies and link them at the Domain level
Then use on install image file that contains a single install image.

2. If your company has the need to create administrative templates (.admx) files for Active Directory runnin on server 2008 R2 you should recommend...
Implement GPO for all client computers
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Run adprep /forestprep and adprep /domainprep

3. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Increase the tombstone lifetime for the forest.
Deploy Microsoft System Center Operations Manager (SCOM)

4. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Configure the zone as an Activde Directory-Integrated zone.
Domain based Distributed File System (DFS) will reduce network traffic

5. If you need to encrypt all data on all disks
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Then use Windows BitLocker Drive Encryption
Configure caching on the shared folder and configure offline files to use encryption
Administrators is the minimum group membership required to complete this procedure.

6. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Authorization Manager
Assign the application to computers in the PC OU
Modify the local policy to point to the Internal WSUS server
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.

7. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Then use Windows BitLocker Drive Encryption
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Import-Module
Create a Network Load Balancing cluster.

8. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
A Distributed File System (DFS) namespace
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.

9. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Authorization Manager role assignment
From Server1 - run the Create Basic Task Wizard
Deploy a failover cluster that uses Node and File Share Disk Majority

10. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Add the new UPN Suffix to the forest
Active Directory Domains and Trusts
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Include a server that runs Microsoft Office SharePoint Server 2010

11. 4 steps to perform offline Defragmentation of AD database...
Event Subscriptions
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Additional DFS Targets
Configure block inheritance on the IT OU

12. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
Microsoft Desktop Optimization Pack (MDOP)
Domain based Distributed File System (DFS) namespace and DFS Replication.
Modify the local policy to point to the Internal WSUS server
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1

13. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Upgrading DFS to Windows Server 2008 R2
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Site
Microsoft SharePoint Foundation 2010

14. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Add-ADFineGrainedPasswordPolicySubject cmdlet
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Windows System Resource Manager (WSRM)
Test-AppLockerPolicy

15. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Improve the performance of File Servers
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Active Directory Users and Computers utility

16. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
Windows Deployment Services (WDS)
Test-AppLockerPolicy
Administrators is the minimum group membership required to complete this procedure.
Implement a domain-based DFS namespace that uses replication

17. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
Create a new Password Settings Object (PSO) for the IT users.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
IIS Chared Configuration
Active Directory Domains and Trusts

18. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Domain based DFS namespace and configure a DFS replication group
Then use Windows Deployment Services (WDS) on DHCP1.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

19. The two role services must be deployed to prevent machines from connecting to the network if their security center settings (Firewall - Windows Updates - Defender) are NOT up to date are
Add the user to the Domain Admins global group
dnscmd tool
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Share and Storage Management

20. To back up your Hyper-VMs and the Hyper-V host; for each VM -
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Autonomous mode...This allows the local administrator to approve their own updates.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.

21. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Distributed File System (DFS) Replication
Restore-ADObject cmdlet
WSUS server in the branch office in replica mode.
CAPublishGP group should have the Manage CA permission.

22. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Modify properties of RODC server computer account.
fsconfig on FSSrv2
Dfsrdiag

23. To protect all computers on the network from unwanted access and to ensure a consistent configuration
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Enable - ADoptionalFeature cmdlet
FILES option within Ntdsutil
Configure Firewall Group Policies and link them at the Domain level

24. You need to ensure that the guest account on all servers is disabled to
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Configure caching on the shared folder and configure offline files to use encryption
Enable - ADoptionalFeature cmdlet

25. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Active Directory snapshots and Tombstone reanimation
From Server A - run Create Basic Task Wizard
Implement Windows System Resource Manager (WSRM)

26. Jack and Jill go up the hill - both with a buck and a quarter
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Attach VHD file created by Windows server backup
Jill came down with 2.50.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop

27. If subnets are connected by CISCO router that is RFC-1542 compliant
Install Windows Server Backup and modify the Windows firewall settings
Use CISCO IP Helper command to configure.
Back up to an external USB drive by using Windows Server Backup
Recommend GPT and basic disks

28. If you need to delegate control of server to remote admins group
Configure RODC for Administrator Role Separation
dnscmd tool
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

29. SiteA is an existing AD site. You just created a new site in AD named SiteB. AD replication needs to be configured betwen the two sites so you install a new DC and you careatd a site link between the two sites. What should be done next?
Microsoft Application Virtualization (AppV)
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Prestage the computer account in AD
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.

30. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

31. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Import-Module
Incoming external trust
Storage manager for SANs
MEDV to deploy virtual desktops

32. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Run the Delegation of Control Wizard on the Staff OU
dnscmd tool
Set-ADServiceAccount cmdlet
Configure an audit policy by editing the default domain policy and configure Event Forwarding

33. You need to recommend a BitLocker recovery method you should recommend this.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Data Recovery Agent
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Configure authorization rules for Web developers on each web server

34. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

35. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

36. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Offline domain join
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Administrative Role Separation
Microsoft Desktop Optimization Pack (MDOP)

37. To ensure that a file on a file server do not leave the organization you must implement this.
Recommend Active Directory delegation
Dsmgmt
AD RMS
Microsoft System Center Data Protection Manager 2010

38. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
Microsoft Desktop Optimization Pack (MDOP) to your company
Service user account for AD LDS
Add the new UPN suffix to the forest.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.

39. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Configure offline files and enable manual caching
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Execute the Set-ADServiceAccount cmdlet

40. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Install Hyper-V role and convert physical machines into virtual machines
Jill came down with 2.50.
An Active Directory subnet object needs to be created.

41. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Configure offline files and enable manual caching
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.

42. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Run the Delegation of Control Wizard on the Staff OU
FILES option within Ntdsutil

43. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
DISABLE slow link detection in the GPO

44. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Recommend Active Directory delegation
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.

45. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Enable Credential Roaming
Set-ADServiceAccount cmdlet
Get-ADUser cmdlet

46. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Dsmgmt
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.

47. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Your machine and remote desktops
Repadmin
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Windows Deployment Services (WDS)

48. For the users that work remotely that need access to files from the corporate office you should...
Create an Active Directory-Integrated zone.
Recommend Offline Files
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Disable Site Link Bridging from IP Properties

49. You need to access some resources in another domain that is part of another forest. What type of trust should you create?
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Incoming external trust
Network Load Balancing (NLB)
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.

50. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
NOT be able to store that data on an iSCSI SAN
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Offline domain join