Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Configure separate application pools for each application
Basic Authentication and SSL
Implement one LUN for the quorum and another LUN for the data

2. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Active Directory Domains and Trusts
Restore-ADObject cmdlet
Install From Media IFM
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.

3. When using Remote Desktop and Remote Desktop Session hosts - to be able to control both who can gain access - and to what - on the network configure;
Win2000 Native
A Distributed File System (DFS) namespace
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Create a GPO and link the GPO to the domain then configure the GPO to be enforced

4. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Create an Active Directory-Integrated zone.
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU

5. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Configure authorization rules for Web developers on each web server
Enable Windows Remote Management (WinRM) on the servers.

6. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Domain based Distributed File System (DFS) will reduce network traffic
Add-ADFineGrainedPasswordPolicySubject cmdlet
Install Windows Server Backup and modify the Windows firewall settings
WDS

7. If you need to ensure that data is protected by BitLocker then you will...
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Refresh the zone on DNS2
Recommend Active Directory delegation
NOT be able to store that data on an iSCSI SAN

8. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Restore-ADObject cmdlet
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Use a GPO to configure device installation restrictions
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).

9. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Enable Credential Roaming
IIS Chared Configuration
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

10. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Raise the DFL to Windows Server 2008 R2.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)

11. New Password Policy needs to be created for OU different from domain password policy
Domain based Distributed File System (DFS) namespace and DFS Replication.
Deploy the Root CA certificate to the external computers.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller

12. To make deploying the custom Word dictionary easy
Active Directory snapshots and Tombstone reanimation
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Active Directory Domains and Trusts
Recommend Group Policy preferences

13. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Storage manager for SANs
Folder redirection. Folder redirection is also useful when using roamin profiles.
Windows System Resource Manager (WSRM)
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)

14. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Deploy a GPO for the Sales OU
Implement the Windows Search Service.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Use local roles options within "dsmgmt"

15. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Disable Site Link Bridging from the IP properties
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

16. If a file server reaches 15% free disk space - you could free up some disk space by
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Creating a data collector set that kick off a scritp that either move or delete files.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Back up to an external USB drive by using Windows Server Backup

17. To recover objects deleted from Active Directory you should recommend
Implement Windows System Resource Manager (WSRM)
Active Directory snapshots and Tombstone reanimation
Printer driver isolation
Deploy a GPO to the WebSrvOU

18. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Increase the tombstone lifetime for the forest.
Implement Windows System Resource Manager (WSRM)
Configure Audit Special Logon and define Special Groups
Windows BitLocker Drive Encryption (Bit Locker)

19. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Deploy it by using Group Policy Software Installation method
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Windows BitLocker Drive Encryption (Bit Locker)
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer

20. You need to deploy a sales application that only the sales users must have access to
AD Domains and Trusts
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy a GPO for the Sales OU

21. For the users that work remotely that need access to files from the corporate office you should...
Deploy a GPO for the Sales OU
Recommend Offline Files
Folder redirection. Folder redirection is also useful when using roamin profiles.
Authorization Manager

22. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Configure caching on the shared folder (offline files)
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.

23. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Administrative Role Separation
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Folder redirection. Folder redirection is also useful when using roamin profiles.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.

24. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
The Group Policy Management Console
dsa.msc - dsamain.exe - ntdsutil.exe
Repadmin
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.

25. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Modify the local policy to point to the Internal WSUS server
DISABLE slow link detection in the GPO
Active Directory Users and Computers
Offline domain join

26. To ensure that admins in the corporate office can manage and control all Windows Updates and manage WSUS computer groups - deploy this.
MEDV to deploy virtual desktops
WSUS server in the branch office in replica mode.
Administrative Role Separation
Modify the schema of LDSInst1

27. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Modify properties of RODC server computer account.
Group Policy Preferences
Dsmgmt
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.

28. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
Basic Authentication and SSL
From Server1 - run the Create Basic Task Wizard
Microsoft System Center Data Protection Manager 2010

29. If you need to encrypt all data on all disks
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Create a new Password Settings Object (PSO) for the IT users.
Then use Windows BitLocker Drive Encryption
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.

30. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Raise the DFL to Windows Server 2008 R2.
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Windows Deployment Services (WDS)

31. You are upgrading only a few computers in one department to Windows 7. These computers are running a legacy XP application you should recommend...
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Windows XP Mode
Active Directory Right Management Services (AD RMS)
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.

32. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
An Active Directory subnet object needs to be created.
Dsmgmt
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)

33. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Import-Module
Add the new UPN suffix to the forest.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers

34. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Add George to the Domain Admins group.

35. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Increase the tombstone lifetime for the forest.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Purchase one additional Enterprise License
Then use Windows Deployment Services (WDS) on DHCP1.

36. when deploying Virtual Machines in a Remote Desktop pool you can minimize the amount of disk space used by the VM and reduced the admin effort by deploying this.
Configure authorization rules for Web developers on each web server
Add-ADFineGrainedPasswordPolicySubject cmdlet
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.

37. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Configure offline files and enable manual caching
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Implement Windows BitLocker Drive Encryption (BitLocker)

38. All servers run 2008 R2 and all client computers run Windows 7. Server users have laptops and work from home. You need to plan an infrastructure to secure sensitive files according to these requirements: files must be - stored in an encrypted format;
Include a server that runs Microsoft Office SharePoint Server 2010
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
dnscmd tool

39. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Test-AppLockerPolicy
Active Directory Domains and Trusts
Purchase one additional Enterprise License
Ntdsutil

40. What role to keep same time as an external server?
PDC emulator with w32tm.exe
DSMOD - ADUC
Then use Windows Deployment Services (WDS)
ntdsutil

41. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Zone transfer settings

42. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Network Load Balancing (NLB)
Then use Windows BitLocker Drive Encryption
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Use CISCO IP Helper command to configure.

43. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Group Policy Preferences
Event Log Subscriptions
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Implement Distributed File System Replication (DFSR) on both servers

44. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Configure Firewall Group Policies and link them at the Domain level
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

45. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Data Recovery Agent
Then use Windows BitLocker Drive Encryption
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010

46. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
File Server Resource Manager (FSRM) quotas and file screens
PDC emulator with w32tm.exe
From Server1 - run the Create Basic Task Wizard
Your machine and remote desktops

47. to ensure that server backups can be performed remotely from your backup server on your company file server you should perform these two actions
Authorization Manager role assignment
Install Windows Server Backup and modify the Windows firewall settings
Increase the tombstone lifetime for the forest.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.

48. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Then use on install image file that contains a single install image.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Create an e-mail account in AD DS for your RMS users

49. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

50. PowerShell script to create user accounts with passwords from a file called password.csv
Implement a domain-based DFS namespace that uses replication
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Microsoft Application Virtualization (AppV)
Folder redirection. Folder redirection is also useful when using roamin profiles.

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Major Subjects
Tests & Exams AP CLEP DSST GRE SAT GMAT	Certifications CISSP go to https://www.isc2.org/ PMP ITIL RHCE MCTS More...	IT Skills Android Programming Data Modeling Objective C Programming Basic Python Programming Adobe Illustrator More...	Business Skills Advertising Techniques Business Accounting Basics Business Strategy Human Resource Management Marketing Basics More...
Soft Skills Body Language People Skills Public Speaking Persuasion Job Hunting And Resumes More...	Vocabulary GRE Vocab SAT Vocab TOEFL Essential Vocab Basic English Words For All Global Words You Should Know Business English More...	Languages AP German Vocab AP Latin Vocab SAT Subject Test: French Italian Survival Norwegian Survival More...	Engineering Audio Engineering Computer Science Engineering Aerospace Engineering Chemical Engineering Structural Engineering More...
Health Sciences Basic Nursing Skills Health Science Language Fundamentals Veterinary Technology Medical Language Cardiology Clinical Surgery More...	English Grammar Fundamentals Literary And Rhetorical Vocab Elements Of Style Vocab Introduction To English Major Complete Advanced Sentences Literature Homonyms More...	Math Algebra Formulas Basic Arithmetic: Measurements Metric Conversions Geometric Properties Important Math Facts Number Sense Vocab Business Math More...	Other Major Subjects Science Economics History Law Performing-arts Cooking Logic & Reasoning Trivia

Test your basic knowledge |

MSITP

Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?

Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests

Major Subjects

Tests & Exams

Certifications

IT Skills

Business Skills

Soft Skills

Vocabulary

Languages

Engineering

Health Sciences

English

Math

Other Major Subjects

Browse all subjects

Browse all tests

Most popular tests