Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. USB storage deviced on the client computers can be very convenient; however they create a huge security risk. To help reduce the risk of USB deviced you can implement...
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Authorization Manager
Ntdsutil

2. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
DFL needs to be Windows Server 2008
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
djoin /requesteodj from internal server - djoin /provision from outside server/PC

3. What tool would you use to add a new User Principal Name (UPN) for all user accounts?
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Role Separation
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Active Directory Domains and Trusts

4. The strongest form of NAP is
Dsmgmt
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.

5. UPN Suffix xxxx.com needs to be available for user accounts...
Raise the DFL to Windows Server 2008 R2.
Create a standard secondary of domain and create standard secondary of other domain.
Add the new UPN Suffix to the forest
Microsoft Desktop Optimization Pack (MDOP) to your company

6. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

7. 3 Servers are Network Policy Servers (NPS) that function as RADIUS servers. The network has 20 wireless access points that are configured as RADIUS clients. You need to plan an audit strategy with the following requirements: stores audit data in a ce
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
FILES option within Ntdsutil
Configure offline files and enable manual caching

8. What shold be done to configure AD RMS so users can protect their data?
Windows BitLocker Drive Encryption (Bit Locker)
Implement a domain-based DFS namespace that uses replication
Create an e-mail account in AD DS for your RMS users
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.

9. With Group Polices having over 8 -000 different settings - the possibility of conflicting policies - and security filters you should track multiple versions and offline modifications to GPOs. You should recommend
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Recommend Active Directory delegation
Microsoft Desktop Optimization Pack (MDOP)
Implement Network Access Protection (NAP)

10. What should be done first to defragment the AD database?
Run net stop ntds
An Active Directory subnet object needs to be created.
Recommend Offline Files
Configure caching on the shared folder (offline files)

11. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
FILES option within Ntdsutil
Zone transfer settings
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Configure Firewall Group Policies and link them at the Domain level

12. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Configure separate application pools for each application
Add the Windows Server Backup feature and Windows System Image recovery.

13. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

14. Striped volumes
Configure block inheritance on the IT OU
Add the user to the Domain Admins global group
Improve the performance of File Servers
NOT be able to store that data on an iSCSI SAN

15. To make deploying the custom Word dictionary easy
Active Directory snapshots and Tombstone reanimation
Subnet object needs to be created
Recommend Group Policy preferences
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)

16. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Create and deploy a logon script that runs Auditpol.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
An Active Directory subnet object needs to be created.
Create a Network Load Balancing cluster.

17. When configuring delegation of administration for Domain Controllers at a remote location you must Add the users or groups as members of the Domain Admins Group. However - be careful to allow just a certain user or group of users to manage the Domain
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
Implement Windows System Resource Manager (WSRM) and configure user policies
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.

18. To restore previous version of script without taking up too much of time...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Ldp
Attach VHD file created by Windows server backup
Authorization Manager role assignment

19. What should be done to resolve names by using GlobalNames zone?
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
dnscmd tool
Install Windows Server Backup and modify the Windows firewall settings
Changed manually

20. New password settings object (PSO) created and needs to be applied to user
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Properties of PSO need modified
AD Domains and Trusts
Basic Authentication and SSL

21. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Deploy a GPO for the Sales OU
Add the user to the Domain Admins global group
Disable Site Link Bridging from IP Properties
Import-Module

22. AD CS is configured on Server1 as a standalone CA. What two actions should you do to audit changes to the CA configuration settings and the CA security settings?
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Upgrading DFS to Windows Server 2008 R2
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Execute the Set-ADServiceAccount cmdlet

23. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Zone transfer settings
Folder redirection. Folder redirection is also useful when using roamin profiles.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.

24. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Additional DFS Targets
Group Policy Preferences

25. Certain apps may require that the end user have the ability to make changes to the application - however some applications may allow these changes to be made in the registry. To give you as the administrator the ability to make changes as necessary -
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Group Policy Preferences
Modify the local policy to point to the Internal WSUS server
Deploy a GPO to the WebSrvOU

26. You have 159 server 2008 R2 servers that must meet the following: notification by e-mail to the administrator if error occurs on any server with minimum effort...
Discover the run Microsoft Baseline Security Analyzer (MBSA)
dnscmd tool
Active Directory snapshots and Tombstone reanimation
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events

27. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
The Group Policy Management console
Implement a domain-based DFS namespace that uses replication
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions

28. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
AD Rights Management Services
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

29. You need to rebuild a server and reinstall the operating system - and rollback all operations master roles to original state...
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Implement a GPO for each domain
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Network Load Balancing (NLB) cluster

30. CAPublishGP needs to be able to publish new certificate revocation lists - but not be able to revoke certificates. How is this accomplished?
Ntfrsutil
CAPublishGP group should have the Manage CA permission.
Perform an authoritative restore
Include a server that runs Microsoft Office SharePoint Server 2010

31. The solution requires that teachers that have been issued district based laptops - work remotely - and teach only on-line classes - must connect to the school network using split-tunnel VPN. Need to be sure that: minimize traffic over the VPN wheneve

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

32. When implementing WSUS servers at branch offices or remote campuses you can configure the WSUS server a the remote location to be in
Run adprep /forestprep and adprep /domainprep
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Autonomous mode...This allows the local administrator to approve their own updates.
Administrative Role Separation

33. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Create a Network Load Balancing cluster.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
From Server1 - run the Create Basic Task Wizard

34. You need a patch management strategy to deploy updates to the computers on the secure network. To accomplish
Then use Windows Deployment Services (WDS) on DHCP1.
Software Restriction Polices
Purchase one additional Enterprise License
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

35. Jack and Jill go up the hill - both with a buck and a quarter
Win2000
Jill came down with 2.50.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

36. You are about to deploy 1 -000 Windows 7 desktops and your company has a web based application that only runs correctly when using IE 6. You should use
MEDV to deploy virtual desktops
Zone transfer settings
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

37. You need to recommend management solution that will allow users to manage only certain parts of Hyper-V
Implement the Windows Search Service.
Subnet object needs to be created
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Authorization Manager

38. You need to relocate an AD LDS instance from C: Drive to D: Drive
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Add George to the Domain Admins group.
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Use CISCO IP Helper command to configure.

39. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Configure caching on the shared folder and configure offline files to use encryption
Dynamically expanding VHD's
Network Load Balancing (NLB) cluster
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates

40. to increase the reliability of the print server - configure...
Printer driver isolation
Active Directory Users and Computers
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Dynamically expanding VHD's

41. To ensure that a file on a file server do not leave the organization you must implement this.
Role Separation
AD RMS
Repadmin
New ACCOUNT STORE should be added and configured

42. Your data provisioning solution must meet the following requirements: users must have access to their Documents folder regardless of the client computer that they use; user documents should not be stored on the local client computer; minimize the tim
AD Rights Management Services
Configure folder redirection
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Prestage the computer account in AD

43. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Implement GPO for all client computers
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Windows System Resource Manager (WSRM)

44. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Windows Server 2003
Certificate Templates
Site
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

45. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Win2000 Native
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
AD Domains and Trusts

46. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
Implement Distributed File System Replication (DFSR) on both servers
Create a standard secondary of domain and create standard secondary of other domain.
Then use Windows Deployment Services (WDS) on DHCP1.

47. PowerShell script to create user accounts with passwords from a file called password.csv
Modify the local policy to point to the Internal WSUS server
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Get-ADUser cmdlet
Active Directory Users and Computers utility

48. The Computer Management snap-in allows you to create shares both on...
Your machine and remote desktops
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Microsoft System Center Data Protection Manager
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition

49. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
Win2000
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Dsmgmt
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.

50. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Repadmin
Microsoft Desktop Optimization Pack (MDOP) to your company
Active Directory Domains and Trusts