SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. You need to recommend a solution for users in the branch office to access files in the main office. To minimize the amount of time it takes for users in the Branch office to access files stored on servers in the main office - and minimize the number
FILES option within Ntdsutil
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
Install Hyper-V role and convert physical machines into virtual machines
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
2. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Implement the Windows Search Service.
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Administrators is the minimum group membership required to complete this procedure.
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
3. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Then use on install image file that contains a single install image.
WDS
Multipath I/O feature
Dfsrdiag
4. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Set-ADServiceAccount cmdlet
5. Need to ensure users receive updated template within five days...
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
CAPublishGP group should have the Manage CA permission.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Registry on users computer needs to be modified
6. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Create and deploy a logon script that runs Auditpol.
Dsmgmt
Install the RSAT tool on their workstation to provide for more efficient network management
7. You have a main office that contains two domain controllers and a branch office that has an RODC. What should be done so that a user named George can install updates on the RODC while preventing George from logging on to any other domain controller?
Use the Local Roles options with dsmgmt.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Deploy a GPO to the WebSrvOU
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
8. Internet access is provided through the main office to the satellite offices. You need to design a patch management for the satellite offices that meet the following requirements: WSUS updates are approved from a central location; internet traffic is
Disable Site Link Bridging from IP Properties
Recommend Group Policy preferences
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Raise the DFL to Windows Server 2008 R2.
9. You need a solution that meets policy while minimizing hardware and software costs
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Zone transfer settings
Enable - ADoptionalFeature cmdlet
Create a new Password Settings Object (PSO) for the IT users.
10. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Deploy a failover cluster that uses Node and File Share Disk Majority
Configure caching on the shared folder (offline files)
Winrm quickconfig
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
11. From Win7 PC - to view all account logon successes that occur on domain and consolidate to one list...
Winrm quickconfig
Implement Network Access Protection (NAP)
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
12. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Get-ADUser cmdlet
Assign the application to computers in the PC OU
Implement Windows System Resource Manager (WSRM)
Data Recovery Agent
13. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
14. If you need to be able to create shared folders on Server 2008 R2
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Domain based DFS namespace and configure a DFS replication group
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
15. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Configure caching on the shared folder and configure offline files to use encryption
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Configure Audit Special Logon and define Special Groups
16. To help restrict access to Windows 7 computer in the event that it gets stolen implement
Windows BitLocker Drive Encryption (Bit Locker)
Distributed File System (DFS) Replication
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Configure separate application pools for each application
17. You need an Active Directory strategy that supports the recovery of deleted objects for up to one year after the date of deletion. to accomplish this
Purchase one additional Enterprise License
Increase the tombstone lifetime for the forest.
Create ADMX and ADML files. Configure the GPO and link it to the domain.
MEDV to deploy virtual desktops
18. If you want to implement BitLocker and store recovery informaiton in a central location
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Create an Active Directory-Integrated zone.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
19. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
Windows XP Mode
Multipath I/O feature
Encrypting File System (EFS). This can be enabled locally or through a GPO.
From Server A - run Create Basic Task Wizard
20. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Then install new Server 2008 R2 Enterprise subordinate CA.
21. To be able to user an application from one AD FS with authentication server to another...
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
A relying party trust should be created.
Win2000
22. What should be configured to ensure domain controllers only replicate between doain controllers in adjacent sites?
Dfsrdiag
Disable Site Link Bridging from IP Properties
FFL Windows Server 2008 R2
Microsoft Desktop Optimization Pack (MDOP) to your company
23. To recover objects deleted from Active Directory you should recommend
1) Publish the code signing template. 2) Modify the security settings on the template to allow only the administrators to request code signing certificates.
Service user account for AD LDS
Active Directory Users and Computers
Active Directory snapshots and Tombstone reanimation
24. Enables you to receive emails when domain users locked out of accounts...
WDS
Event Viewer
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
25. DFL is...
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Disable Site Link Bridging from the IP properties
Win2000 Native
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
26. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Add-ADFineGrainedPasswordPolicySubject cmdlet
dsa.msc - dsamain.exe - ntdsutil.exe
Recommend Offline Files
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
27. To compact AD database...
Run net stop ntds
Active Directory Users and Computers utility
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
FILES option within Ntdsutil
28. To allow administrators to create and store .ADMX templates in a way that allows them to have access to the template no matter what administrative computer they logon to you must
Create a Central Store
Increase the tombstone lifetime for the forest.
WDS
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
29. To allow a user to administer Active Directory
Software Restriction Polices
Set-ADServiceAccount cmdlet
Add the user to the Domain Admins global group
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
30. You have two identical print devices. You must plan a print services infrastructure where: the print services must be available - even if one print device fails and have the ability to manage the print queue from a central location
DFL needs to be Windows Server 2008
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Microsoft Application Virtualization (AppV)
Install and share a printer on a server and then enable printer pooling.
31. To modify several user accounts to a new UPN suffix
Implement Windows System Resource Manager (WSRM) and configure user policies
Active Directory Users and Computers utility
Winrm quickconfig
Passive file screens
32. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Certificate Templates
33. For complete fault tolerance the backend SQL Server should be protected as well - by placing it in a MSCS Failover Cluster) - To allow computers that are members of the domain to receive updates from a local WSUS you can easily create a group policy
Modify the local policy to point to the Internal WSUS server
Implement Windows System Resource Manager (WSRM) and configure user policies
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
34. When implementing a Hyper-V environment the benefits are enormous - however there are certain aspects of virtualization that can create some additional administrative overhead that you can not have in a pure physical environment for example
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Software Restriction Polices
Creating a data collector set that kick off a scritp that either move or delete files.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
35. To allow all users in the forest to be able to resolve the names in the Forest Root Partition
Deploy Microsoft System Center Operations Manager (SCOM)
Active Directory Domains and Trusts
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
36. If you want to allow the administrator in each office to manage DHCP scope for their own office - and prevent the administror of one office from managing DHCP scopes on the DHCP server in another office with mimimal admin effort
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Implement Windows System Resource Manager (WSRM) and configure user policies
37. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
38. 4 steps to perform authoritative restore of a deleted OU...
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Upgrading DFS to Windows Server 2008 R2
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
39. Striped volumes
Improve the performance of File Servers
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Install and share a printer on a server and then enable printer pooling.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
40. What shold be done to configure AD RMS so users can protect their data?
Windows XP Mode
Create an e-mail account in AD DS for your RMS users
Share and Storage Management
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
41. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
Modify the GPO to include folder redirection
Test-AppLockerPolicy
Add the Windows Server Backup feature and Windows System Image recovery.
Disable Site Link Bridging from the IP properties
42. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Your machine and remote desktops
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Configure event log subscriptions
43. To know if a new applicaiton is going to run on your network computers via AppLocker in GPO
Implement a Remote Desktop Connection Broker (RD Connection Broker)
New ACCOUNT STORE should be added and configured
Windows System Resource Manager (WSRM)
Test-AppLockerPolicy
44. If you need to allow an external partner's computer to access internal network resources by using SSTP
Install Hyper-V role and convert physical machines into virtual machines
Configure block inheritance on the IT OU
Deploy the Root CA certificate to the external computers.
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
45. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Winrm quickconfig
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Event Log Subscriptions
Assign the application to all client computers by using a GPO.
46. To control access to resources using WSRM and to help prevent memory leaks from monopolizing your web server
Configure separate application pools for each application
Windows Deployment Services (WDS)
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
47. 3 servers are configured as DNS servers and are ADI for the company.com zone. DNS only allows for secure updates - but you need to enable dynamic DNS updates on DCC.company.com...What do you do?
Configure authorization rules for Web developers on each web server
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Data Recovery Agent
48. Certain groups of users must be able to approve certificate requrests and revoke certificates but not be able to modify the properties of the CA. You should recommend
Role Separation
Service user account for AD LDS
Deploy a failover cluster that contains one node in each office.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
49. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Zone transfer settings
Event Subscriptions
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
50. The Authorization Manager console is a Microsoft Management Console (MMC) snap-in. You can run the Authorization Manager console as a stand-alone console - or add it to any MMC console.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Event Subscriptions
Administrators is the minimum group membership required to complete this procedure.
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
