SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. GPO setting to prevent all users from running an application
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Software Restriction Polices
Configure the zone as an Activde Directory-Integrated zone.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
2. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Create a Central Store
Run the Delegation of Control Wizard on the Staff OU
CAPublishGP group should have the Manage CA permission.
3. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Autonomous mode...This allows the local administrator to approve their own updates.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Run the Delegation of Control Wizard on the Staff OU
Import-Module
4. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Dynamically expanding VHD's
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Deploy Microsoft System Center Operations Manager (SCOM)
5. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Service user account for AD LDS
Use CISCO IP Helper command to configure.
Create a Central Store
Enable Credential Roaming
6. To identify users who bypass the new corporate security policy -
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Deploy the Root CA certificate to the external computers.
Multipath I/O feature
Configure Audit Special Logon and define Special Groups
7. If users need access to files locally and must be able to access files at another site if the local copy is not available you should implement this.
A Distributed File System (DFS) namespace
Role Separation
Implement Windows BitLocker Drive Encryption (BitLocker)
Create a new Password Settings Object (PSO) for the IT users.
8. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
dsa.msc - dsamain.exe - ntdsutil.exe
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
9. To recover objects deleted from Active Directory you should recommend
Active Directory snapshots and Tombstone reanimation
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Configure caching on the shared folder (offline files)
Event Subscriptions
10. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve
11. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Modify zone transfer settings for company.com zone on DCA
12. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
Dfsrdiag
MEDV to deploy virtual desktops
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Install Windows Server Backup and modify the Windows firewall settings
13. File that contains the last logon time and custom attributes values for each user in your forest.
Win2000
Configure caching on the shared folder (offline files)
Get-ADUser cmdlet
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
14. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Zone transfer settings
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Dfsrdiag
Authorization Manager
15. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Configure folder redirection
16. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Create an e-mail account in AD DS for your RMS users.
Folder redirection. Folder redirection is also useful when using roamin profiles.
Zone transfer settings
djoin /requesteodj from internal server - djoin /provision from outside server/PC
17. Audit account management policy settings and Audit directory services access settings are enabled for the entire domain. What should be done to ensure that changes made to AD objects can be logged? The logged changes must include the old and new valu
NOT be able to store that data on an iSCSI SAN
Create a Network Load Balancing cluster.
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Modify the GPO to include folder redirection
18. Tools to view contents of an OU in an AD snapshot...
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
dsa.msc - dsamain.exe - ntdsutil.exe
19. You need to recommend a solution to minimize the amount of time it takes for the sales department users to locate files in teh course bookings share.
Incoming external trust
Implement the Windows Search Service.
Microsoft SharePoint Foundation 2010
Microsoft System Center Data Protection Manager 2010
20. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.
21. To defragment and AD database...
Deploy Microsoft System Center Operations Manager (SCOM)
Run auditpol and then configure the Security settings of the Domain Controllers OU.
The Group Policy Management Console
net stop ntds
22. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Refresh the zone on DNS2
Create an Active Directory-Integrated zone.
IIS Manager user account
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
23. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Ldp
Dfsrdiag
Run the Delegation of Control Wizard on the Staff OU
Configure offline files and enable manual caching
24. You need to recommend a server configuration to support a Web-based application that must meet these requirements: the app must be available to all users if a single server fails; support the installation of .NET applications; Minimize software costs
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Event Log Subscriptions
Ldp
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
25. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Purchase one additional Enterprise License
Modify properties of RODC server computer account.
Windows XP Mode
Disable Site Link Bridging from IP Properties
26. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Add the new UPN Suffix to the forest
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Modify the GPO to include folder redirection
Active Directory Domains and Trusts
27. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Network Load Balancing (NLB)
Deploy a failover cluster that uses Node and File Share Disk Majority
Then use Windows Deployment Services (WDS)
Configure an audit policy by editing the default domain policy and configure Event Forwarding
28. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Add the Windows Server Backup feature and Windows System Image recovery.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
29. You have three domain controllers that perform a full back up every day. You need a recovery strategy for AD objects that meets these requirements: allows objects in a backup to be compared to objects in the live AD database; minimizes admin effort.
Dsmgmt
Refresh the zone on DNS2
Microsoft SharePoint Foundation 2010
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
30. If you need to ensure that data is protected by BitLocker then you will...
Enable - ADoptionalFeature cmdlet
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Deploy a failover cluster that contains one node in each office.
NOT be able to store that data on an iSCSI SAN
31. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Enable Credential Roaming
Attach VHD file created by Windows server backup
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
32. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
ntdsutil
Dfsrdiag
33. You need to design your WSUS infrastructure so that updates are highly available. To do so
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Storage manager for SANs
Modify zone transfer settings for company.com zone on DCA
34. Deploying a web server farm can be costly. You need to minimize the amount of disk space used.
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Service user account for AD LDS
Raise the DFL to Windows Server 2008 R2.
35. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Implement Network Access Protection (NAP) that uses 802.1x enforcement
DSMOD
802.1.x NAP
PDC emulator with w32tm.exe
36. If a file server reaches 15% free disk space - you could free up some disk space by
dsa.msc - dsamain.exe - ntdsutil.exe
Enable - ADoptionalFeature cmdlet
Creating a data collector set that kick off a scritp that either move or delete files.
Windows XP Mode
37. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Assign the application to computers in the PC OU
Active Directory Users and Computers
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Active Directory Right Management Services (AD RMS)
38. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Import-Module
Windows Server 2003
Autonomous mode...This allows the local administrator to approve their own updates.
39. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
Authorization Manager
802.1.x NAP
40. To create and additional AD LDS applicaiton directory partition in existing instance...
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Ldp
Microsoft Application Virtualization (AppV)
Modify the schema of LDSInst1
41. Client computers run Windows 7 and all applications on the computers are configured to save documetns to the local Documents folder. You need a backup strategy that meets these: Back up the Documents folder for all users; minimize admin effort. To ac
Implement Windows System Resource Manager (WSRM) and configure user policies
Folder redirection. Folder redirection is also useful when using roamin profiles.
Set-ADServiceAccount cmdlet
Implement folder redirection by using GPO. Then backup the folder redirection target.
42. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
dsa.msc - dsamain.exe - ntdsutil.exe
PowerShell 2.0
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
43. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Modify zone transfer settings for company.com zone on DCA
44. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Add the Windows Server Backup feature and Windows System Image recovery.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
45. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Implement Network Access Protection (NAP)
AD Domains and Trusts
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
46. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Utilize IFM (Install From Media)
Windows XP Mode
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
47. If users complain that it is hard to find the shared folders on the network implement
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Domain based Distributed File System (DFS) namespace and DFS Replication.
Create an e-mail account in AD DS for your RMS users.
Additional DFS Targets
48. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Refresh the zone on DNS2
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
49. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
50. to make shares at a remote location available to users you should implement this.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
AD RMS
Create and deploy a logon script that runs Auditpol.
Domain based Distributed File System (DFS) namespace and DFS Replication.
