SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Ensure password length for a group set to 12 characters long while others keep password policy
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Configure Firewall Group Policies and link them at the Domain level
Add the new UPN suffix to the forest.
Add-ADFineGrainedPasswordPolicySubject cmdlet
2. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Service user account for AD LDS
Offline domain join
3. If you need to delegate control of server to remote admins group
DFL needs to be Windows Server 2008
Configure RODC for Administrator Role Separation
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Configure Audit Special Logon and define Special Groups
4. If subnets are connected by CISCO router that is RFC-1542 compliant
Use CISCO IP Helper command to configure.
Implement Windows System Resource Manager (WSRM) and configure user policies
802.1.x NAP
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
5. WSSvr1 has Windows SharePoint Services role installed and contains 20 SharePoint sites. You need to optimize performance and ensure that if CPU utilization exceeds 75% - then an equal amount of system resources are allocated to each SharePoint site.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Microsoft Application Virtualization (AppV)
Deploy it by using Group Policy Software Installation method
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
6. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
Win2000 Native
Repadmin
Implement Windows System Resource Manager (WSRM) and configure user policies
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
7. All servers use internal storage only. Srv1 is a Server 2008 R2 file server. you need to deploy a client/server application so that it is available if a single server fails. To achieve this while minimizing cost
Your machine and remote desktops
Deploy a failover cluster that uses Node and File Share Disk Majority
Folder redirection. Folder redirection is also useful when using roamin profiles.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
8. File that contains the last logon time and custom attributes values for each user in your forest.
Dsmgmt
Get-ADUser cmdlet
Additional DFS Targets
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
9. You need a solution that replaces servers that host 2 applications. This solution must use Windows Server 2008 R2 and minimize cost.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
10. The strongest form of NAP is
Create an e-mail account in AD DS for your RMS users
Create a Network Load Balancing cluster.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
11. To make sure that all current certificate holders automatically enroll for the new template - use what utility?
Certificate Templates
Folder redirection. Folder redirection is also useful when using roamin profiles.
Modify zone transfer settings for company.com zone on DCA
Winrm quickconfig
12. You need to design your WSUS infrastructure so that updates are highly available. To do so
Use Netsh tool from administrator's computer.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
FILES option within Ntdsutil
DFL needs to be Windows Server 2008
13. To backup to tape/robotic tape and to backup VMs you must use...
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Software Restriction Polices
Add the new UPN suffix to the forest.
Microsoft System Center Data Protection Manager 2010
14. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Get-ADUser cmdlet
Dsmgmt
Configure RODC for Administrator Role Separation
Microsoft System Center Data Protection Manager 2010
15. You need to recommend a BitLocker recovery method you should recommend this.
Data Recovery Agent
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Software Restriction Polices
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
16. To restore deleted user account from AD Recycle Bin...
fsconfig on FSSrv2
Restore-ADObject cmdlet
Ldp
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
17. If you need to minimize the bandwidth for installation
Add the new UPN Suffix to the forest
Utilize IFM (Install From Media)
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Implement GPO for all client computers
18. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Deploy it by using Group Policy Software Installation method
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Run adprep /forestprep and adprep /domainprep
19. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
20. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Create an Active Directory-Integrated zone.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Add the new UPN Suffix to the forest
Implement Windows System Resource Manager (WSRM) and configure user policies
21. What shold be done to configure AD RMS so users can protect their data?
Dynamically expanding VHD's
Implement the Windows Search Service.
Create an e-mail account in AD DS for your RMS users
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
22. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Add George to the Domain Admins group.
Configure caching on the shared folder (offline files)
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
23. What should be done to ensure changes made to AD objects can be logged?
NOT be able to store that data on an iSCSI SAN
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Create an e-mail account in AD DS for your RMS users
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
24. Capture all replication errors from all your DCs to a central location...
Implement a GPO for each domain
Configure event log subscriptions
Add-ADFineGrainedPasswordPolicySubject cmdlet
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
25. to ensure that users can ONLY view the list of DFS Targets to which they are assigned permissions
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Modify the local policy to point to the Internal WSUS server
Event Log Subscriptions
26. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Incoming external trust
Configure RODC for Administrator Role Separation
Microsoft SharePoint Foundation 2010
Dsmgmt
27. Striped volumes
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Improve the performance of File Servers
Create an Active Directory-Integrated zone.
28. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Refresh the zone on DNS2
Implement Windows System Resource Manager (WSRM) and configure user policies
Windows BitLocker Drive Encryption (Bit Locker)
Winrm quickconfig
29. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Dsmgmt
Win2000
Use local roles options within "dsmgmt"
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
30. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Autonomous mode...This allows the local administrator to approve their own updates.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Back up to an external USB drive by using Windows Server Backup
31. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Install and share a printer on a server and then enable printer pooling.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Microsoft Desktop Optimization Pack (MDOP)
32. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Microsoft System Center Data Protection Manager
Then use Windows Deployment Services (WDS) on DHCP1.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
33. Server1 collects all events that occur on your domain controllers. Using the minimal effort - from Event Viewer - what should be done to ensure you are notified when a specific event has occurred on any of your domain controllers?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
IIS Chared Configuration
From Server1 - run the Create Basic Task Wizard
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
34. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Configure separate application pools for each application
Assign the application to computers in the PC OU
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Subnet object needs to be created
35. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
36. To join a server/PC outside of the domain to the network...
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
AD Domains and Trusts
From Server1 - run the Create Basic Task Wizard
djoin /requesteodj from internal server - djoin /provision from outside server/PC
37. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Creating a data collector set that kick off a scritp that either move or delete files.
Dfsrdiag
Modify the schema of LDSInst1
Network Load Balancing (NLB) cluster
38. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Add-ADFineGrainedPasswordPolicySubject cmdlet
Domain based DFS namespace and configure a DFS replication group
39. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
Event Log Subscriptions
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Create a standard secondary of domain and create standard secondary of other domain.
40. You don't want users to be able to install removable devices on client computers. However - domain admins and desktop support technicians must be allowed to install removable devices on client computers
An Active Directory subnet object needs to be created.
Implement GPO for all client computers
Dsmgmt
Configure Audit Special Logon and define Special Groups
41. Your AD environment has an Enterprise Root CA. What 2 actions should you take to ensure that only administrators can sign code?
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Implement one LUN for the quorum and another LUN for the data
Dsmgmt
42. Users need to be warned when uploading or copying MP3 files onto a corporate network share. You should implement this.
Passive file screens
Offline domain join
Distributed File System (DFS) Replication
Create a new Password Settings Object (PSO) for the IT users.
43. In order to replicate SYSVOL shares by using DFS Replicaiton (DFS-R)
Raise the DFL to Windows Server 2008 R2.
Enable - ADoptionalFeature cmdlet
Creating a data collector set that kick off a scritp that either move or delete files.
Then install new Server 2008 R2 Enterprise subordinate CA.
44. To ensure that a file on a file server do not leave the organization you must implement this.
802.1.x NAP
Create a Network Load Balancing cluster.
AD RMS
Enable Windows Remote Management (WinRM) on each server.
45. When one needs to audit files - folders - printers and the registry enable
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Properties of PSO need modified
46. Your forest containts only Windows Server 2008 domain controllers. What should be done to prepare the AD domain to install Windows Server 2008 R2 DCs?
CAPublishGP group should have the Manage CA permission.
Run adprep /forestprep and adprep /domainprep
Ntfrsutil
Install Hyper-V role and convert physical machines into virtual machines
47. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Creating a data collector set that kick off a scritp that either move or delete files.
Distributed File System (DFS) Replication
Win2000
Dsmgmt
48. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
View properties of %systemroot%ntdsntds.dit
Use CISCO IP Helper command to configure.
Increase the tombstone lifetime for the forest.
Purchase one additional Enterprise License
49. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
net stop ntds
Properties of PSO need modified
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
50. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Modify the GPO to include folder redirection
New ACCOUNT STORE should be added and configured
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise