SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
MEDV to deploy virtual desktops
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
2. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Raise the DFL to Windows Server 2008 R2.
Microsoft Application Virtualization (AppV)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
3. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Implement Windows System Resource Manager (WSRM) and configure user policies
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Configure the zone as an Activde Directory-Integrated zone.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
4. Engineering department has 582 Windows Server 2008 R2 servers. You need to monitor the performance of all 582 with following requirements: Create alerts when average processor usage is higher than 85% for 15 minutes; Automatically adjust the processo
Deploy Microsoft System Center Operations Manager (SCOM)
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
802.1.x NAP
5. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort
6. To improve performance and provide redundancy if a single server fails - the intranet web site should be in this.
Network Load Balancing (NLB) cluster
Windows System Resource Manager (WSRM)
Active Directory Users and Computers
Create a Central Store
7. UPN Suffix xxxx.com needs to be available for user accounts...
Add the new UPN Suffix to the forest
PDC emulator with w32tm.exe
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Enable - ADoptionalFeature cmdlet
8. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Folder redirection. Folder redirection is also useful when using roamin profiles.
Domain based Distributed File System (DFS) will reduce network traffic
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Prestage the computer account in AD
9. When service account passwords need to be changed for SQL they should be...
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Changed manually
Then use Windows BitLocker Drive Encryption
Event Viewer
10. You need to design your WSUS infrastructure so that updates are highly available. To do so
Use CISCO IP Helper command to configure.
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Modify properties of RODC server computer account.
11. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Use a GPO to configure device installation restrictions
Ntdsutil
Then use Windows Deployment Services (WDS) on DHCP1.
12. All client computers run Windows 7. You have 8 Window Server 2003 servers that run Terminal Services. There is also an ISA server that runs the firewall. You need to plan on giving remote users access to the Terminal Servers according to these requir
Incoming external trust
Software Restriction Polices
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Enable Windows Remote Management (WinRM) on the servers.
13. The Computer Management snap-in allows you to create shares both on...
Upgrading DFS to Windows Server 2008 R2
Import-Module
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Your machine and remote desktops
14. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Subnet object needs to be created
Then use on install image file that contains a single install image.
AD Rights Management Services
15. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
16. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
Implement Distributed File System Replication (DFSR) on both servers
Utilize IFM (Install From Media)
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Deploy a failover cluster that contains one node in each office.
17. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Create a standard secondary of domain and create standard secondary of other domain.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
18. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
19. What shold be done to configure AD RMS so users can protect their data?
Changed manually
Modify properties of RODC server computer account.
Microsoft SharePoint Foundation 2010
Create an e-mail account in AD DS for your RMS users
20. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Subnet object needs to be created
Your machine and remote desktops
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Enable Credential Roaming
21. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Configure the zone as an Activde Directory-Integrated zone.
Basic Authentication and SSL
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Dsmgmt
22. BLANK BLANK is a computer Group Policy setting that can be for example; Linked at an OU where public kiosks/remote desktop session host computers reside.
Service user account for AD LDS
Implement GPO for all client computers
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
View properties of %systemroot%ntdsntds.dit
23. 4 steps to perform offline Defragmentation of AD database...
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Data Recovery Agent
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
24. If you need to minimize amount of time and impact of 50 simultaneous Win7 installations
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Modify the local policy to point to the Internal WSUS server
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
25. 2 ways to relocate user and computer accounts to different OUs
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Then install new Server 2008 R2 Enterprise subordinate CA.
DSMOD - ADUC
Changed manually
26. to prevent VMs from receiving updats from a group policy
Active Directory Right Management Services (AD RMS)
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
27. To backup Virtual Machines
New ACCOUNT STORE should be added and configured
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
Add the user to the Domain Admins global group
28. DNS zone is stored in custom applicaiton directory partition. What tool is used to ensure replicaiton to new installed DC?
Modify zone transfer settings for company.com zone on DCA
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
dnscmd
29. What should be done to ensure changes made to AD objects can be logged?
Implement a GPO for each domain
Backup operator's domain local group
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
30. Can be used to install the Windows RE on existing servers
Properties of PSO need modified
Event Log Subscriptions
Domain based Distributed File System (DFS) will reduce network traffic
WDS
31. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Role Separation
Multipath I/O feature
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
32. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Windows BitLocker Drive Encryption (Bit Locker)
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Distributed File System (DFS) Replication
Implement one LUN for the quorum and another LUN for the data
33. To determine size of AD database file...
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
View properties of %systemroot%ntdsntds.dit
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
34. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Offline domain join
Winrm quickconfig
Folder redirection. Folder redirection is also useful when using roamin profiles.
35. To deploy templates across the organization
WSUS server in the branch office in replica mode.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Implement a Remote Desktop Connection Broker (RD Connection Broker)
36. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Group Policy Preferences
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Add the new UPN suffix to the forest.
37. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Microsoft Desktop Optimization Pack (MDOP) to your company
Authorization Manager
Dfsrdiag
dnscmd
38. You need to design a data storage solution that meets the following: users must be able to choose the documents that will be available when they are away from the network; minimize the number of documents that are stored on users' portable computers;
Configure offline files and enable manual caching
Modify the schema of LDSInst1
Implement Windows BitLocker Drive Encryption (BitLocker)
The Group Policy Management console
39. To protect all computers on the network from unwanted access and to ensure a consistent configuration
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Back up to an external USB drive by using Windows Server Backup
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Configure Firewall Group Policies and link them at the Domain level
40. Currently you already have in place AD - DNS and DHCP. You need an automated deployment solution for the new servers that will boot using native VHD's. You should recommend
Windows Deployment Services (WDS)
DSMOD - ADUC
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
View properties of %systemroot%ntdsntds.dit
41. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Configure offline files and enable manual caching
Zone transfer settings
Active Directory Users and Computers
42. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
CAPublishGP group should have the Manage CA permission.
43. There is a file server in each office that contains a shared folder named Data. You need to plan the data availability for the Data folder according to these requirements: if WAN link fails - the files in the Data folder must be available in all of t
Use Netsh tool from administrator's computer.
Deploy Microsoft System Center Operations Manager (SCOM)
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
dnscmd
44. You have a root domain and four child domains. Policy requirements state that all local guest accounts must be renamed and disabled - and all local administrator accounts must be renamed
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
File Server Resource Manager (FSRM) quotas and file screens
Implement a GPO for each domain
Active Directory Right Management Services (AD RMS)
45. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Execute the Set-ADServiceAccount cmdlet
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
CAPublishGP group should have the Manage CA permission.
Recommend GPT and basic disks
46. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Raise the DFL to Windows Server 2008 R2.
Include a server that runs Microsoft Office SharePoint Server 2010
47. hr.domain.com domain has an OU named Sales...You need to give UserA administrative rights so that he can manage Group Policies for the Sales OU while meeting the following requirments: UserA must be able to create and configure Group Polices in hr.do
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Deploy a failover cluster that uses Node and File Share Disk Majority
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Run the Delegation of Control Wizard on Sales OU. In Group Policy Management Console - modify the permissions of the Group Policy Objects container in the hr.domain.com domain.
48. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Changed manually
Data Recovery Agent
PDC emulator with w32tm.exe
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
49. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Then configure auto enrollment of certificates and Credential Roaming.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Administrators is the minimum group membership required to complete this procedure.
50. For the users that work remotely that need access to files from the corporate office you should...
Microsoft Desktop Optimization Pack (MDOP) to your company
Recommend Offline Files
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
dsa.msc - dsamain.exe - ntdsutil.exe