SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What document management solution allows you to keep multiple versions of documents and automatically apply access policies to these documents? You should recommend
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Configure caching on the shared folder (offline files)
Microsoft Application Virtualization (AppV)
2. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Test-AppLockerPolicy
3. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Add George to the Domain Admins group.
Subnet object needs to be created
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
4. Assign the application to the user if you want the icon to appear on the start menu or desktop - but to allow the user to install it. Keep in mind if you assign the application to the user ....
Modify the GPO to include folder redirection
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Active Directory Domains and Trusts
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
5. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Implement Distributed File System Replication (DFSR) on both servers
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Add-ADFineGrainedPasswordPolicySubject cmdlet
dsa.msc - dsamain.exe - ntdsutil.exe
6. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Dfsrdiag
File Server Resource Manager (FSRM) quotas and file screens
Import-Module
NOT be able to store that data on an iSCSI SAN
7. To ensure that the SQL Servers can fail over autoatically and support 2 TB drives
Recommend GPT and basic disks
AD Domains and Trusts
Network Load Balancing (NLB) cluster
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
8. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
9. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Refresh the zone on DNS2
Then configure auto enrollment of certificates and Credential Roaming.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
10. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
PDC emulator with w32tm.exe
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
WDS
Use the Local Roles options with dsmgmt.
11. You need to relocate an AD LDS instance from C: Drive to D: Drive
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Service user account for AD LDS
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
12. Capture all replication errors from all your DCs to a central location...
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
Configure event log subscriptions
Raise the DFL to Windows Server 2008 R2.
Enable Windows Remote Management (WinRM) on each server.
13. If you need to minimize the number of install images and support Win Server 2008 R2 deployment
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Implement Network Access Protection (NAP)
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Then use on install image file that contains a single install image.
14. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Create a Central Store
Then use Windows BitLocker Drive Encryption
Install Hyper-V role and convert physical machines into virtual machines
15. If you need to implement a Cert Services solution that automates distribution of certificates - ensures security and gives external users acess to resources that use cert-based authentication
Improve the performance of File Servers
Dfsrdiag
Deploy an off-line standalone Root CA - deploy an on-line Enterprise Subordinate CA - and deploy an on-line standalone Subordinate CA.
Jill came down with 2.50.
16. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
17. To create AD Domain Services snapshot
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Then configure GlobalNames zones on each domain controller.
Run adprep /forestprep and adprep /domainprep
Ntdsutil
18. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Modify the local policy to point to the Internal WSUS server
Disable Site Link Bridging from IP Properties
Winrm quickconfig
Import-Module
19. You have a failover cluster that has an application installed. Service level agreement requires 55 percent of processor and memory utilization to be reserved for the app. A solution to guarantee service level agreement would be
CAPublishGP group should have the Manage CA permission.
Recommend GPT and basic disks
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Create an Active Directory-Integrated zone.
20. Can be used to install the Windows RE on existing servers
WDS
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Logged changes must include old and new values of any attributes. - Run auditpol and then configure Security settings of Domain Controllers OU
Implement GPO for all client computers
21. The company requires that only users that have a certificate can recover BitLocker keys. To support this requirement you will need to
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
22. Domain.com's network consists of a Single AD domain. All servers and domain controllers run Windows Server 2008 R2. You need to ensure that you can: track all changes made to AD objects by the recently hired IT consulting firm; Ensure that the audits
Disable Site Link Bridging from IP Properties
Implement a GPO for each domain
Configure an audit policy by editing the default domain policy and configure Event Forwarding
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
23. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Network Load Balancing (NLB)
Dsmgmt
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Utilize IFM (Install From Media)
24. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
IIS Chared Configuration
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
CAPublishGP group should have the Manage CA permission.
25. to minimize the attack surface area of the servers and reduce licensing cost you should recommend
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Repadmin
Increase the tombstone lifetime for the forest.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
26. To be able to manage all the corporate servers from a workstation - you must install the
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Attach VHD file created by Windows server backup
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
27. If you need to encrypt all data on all disks
Then use Windows BitLocker Drive Encryption
Storage manager for SANs
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
28. When deploying software across a large distributed enterprise you can reduce the need for clients to obtain the necessary .msi file needed for installation from over the network. Placing applications .msi file in a shared folder that is replicated us
Deploy Microsoft System Center Operations Manager (SCOM)
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Domain based Distributed File System (DFS) will reduce network traffic
Enable Credential Roaming
29. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Deploy a GPO to the WebSrvOU
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
PowerShell 2.0
Active Directory Domains and Trusts
30. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Authorization Manager role assignment
Use local roles options within "dsmgmt"
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
From Server A - run Create Basic Task Wizard
31. To prevent account password from being cached on RODC server...
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Modify properties of RODC server computer account.
32. A DNS structure should be deployed acording to the following requirements: ensure resources in the root and child domains are accessible by FQDN; provide name resolution services in the event that a single server fails for a prolonged period of time;
Increase the tombstone lifetime for the forest.
Use the Local Roles options with dsmgmt.
Then use Windows Deployment Services (WDS)
You should: on one domain controller create an Active Directory-Integrated zone for remote domain and create and Active Directory-Integrated stub zone for main domain.
33. To replicate SYSVOL using Distributed File System Replication (DFSR)...
Deploy a GPO for the Sales OU
Ldp
DFL needs to be Windows Server 2008
Add the new UPN Suffix to the forest
34. Deployment solutions that will allow both the 64 bit version of Office 2010 and the 32 bit version Office 2003 to run at a same time on a Windows 7 computer - and to do that when the computer is offline - are very limited. You should recommend
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Microsoft Application Virtualization (AppV)
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Microsoft SharePoint Foundation 2010
35. You have 2 Server Core servers that are part of a Network Load Balance that host a web site. To be able to allow administrators - on their Windows 7 computers - remotely manage the NLB with automation
Enable Windows Remote Management (WinRM) on the servers.
Registry on users computer needs to be modified
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
36. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
PowerShell 2.0
Then use Windows Deployment Services (WDS)
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.
AD Domains and Trusts
37. Auditing the deletion of Registry keys on all Domain Controllers
Configure folder redirection
Recommend Offline Files
Modify Object Access Settings AND Global Object Access Auditing settings FROM Advanced Audit Policy configurations
Implement Distributed File System Replication (DFSR) on both servers
38. To configure AD FS so tokens contain information from Active Directory domain...
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
New ACCOUNT STORE should be added and configured
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
39. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Windows XP Mode
Offline domain join
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
40. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Share and Storage Management
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
41. What should be done so application does not fail after 30 days while still keeping password policy in mind?
Set-ADServiceAccount cmdlet
Jill came down with 2.50.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Active Directory Domains and Trusts
42. To enable the AD Recycle Bin
Enable - ADoptionalFeature cmdlet
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Deploy the Root CA certificate to the external computers.
Branch Cache server that operates in Hosted Cache mode in your recommendation. This is an ideal solution if the branch office already maintains a Server 2008 R2 server solution (no additional licenses would be needed)
43. If you need to delegate control of server to remote admins group
Add the new UPN suffix to the forest.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Configure RODC for Administrator Role Separation
Group Policy Preferences
44. File that contains the last logon time and custom attributes values for each user in your forest.
Get-ADUser cmdlet
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
45. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Raise the DFL to Windows Server 2008 R2.
Attach VHD file created by Windows server backup
Create a Network Load Balancing cluster.
46. New Password Policy needs to be created for OU different from domain password policy
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
47. The Computer Management snap-in allows you to create shares both on...
Role Separation
Additional DFS Targets
Disable Site Link Bridging from the IP properties
Your machine and remote desktops
48. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
Share and Storage Management
Dynamically expanding VHD's
Authorization Manager
49. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Microsoft Desktop Optimization Pack (MDOP)
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Windows Server 2003
50. You need a solution for your Web servers that meet these requirements: ensures that the Web site is accessible even if a single server fails; supports the addition of more Web servers without interrupting client connections.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
The Group Policy Management Console
Then use on install image file that contains a single install image.
Create a Network Load Balancing cluster.
