Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Attach VHD file created by Windows server backup
Create a Network Load Balancing cluster.
Add George to the Domain Admins group.

2. To recover objects deleted from Active Directory you should recommend
Use the Local Roles options with dsmgmt.
FFL Windows Server 2008 R2
Active Directory snapshots and Tombstone reanimation
Modify zone transfer settings for company.com zone on DCA

3. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Add-ADFineGrainedPasswordPolicySubject cmdlet
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Dsmgmt

4. If you need to allow an external partner's computer to access internal network resources by using SSTP
Deploy the Root CA certificate to the external computers.
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Deploy it by using Group Policy Software Installation method
Modify the GPO to include folder redirection

5. You need to deploy 15 Server Core installations that are only accessible by HTTP and HTTPS. Administration of these must be able to enable administrators to install and administer server roles remotely and fully manage servers remotely
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Create an e-mail account in AD DS for your RMS users.
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Enable Windows Remote Management (WinRM) on each server.

6. To ensure that when certain users log on to any client computers in the branch office - they automatically receive the local administrator rights to the computer - and when they log off - they must lose the administrator rights
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Test-AppLockerPolicy

7. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
From Server A - run Create Basic Task Wizard
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Create a new Password Settings Object (PSO) for the IT users.
Implement Shadow Copies

8. You need to ensure that users that access your web site can use any browser; however - they must be authenticated on a membership page. In order for this authentication to be done securely in IIS implement
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
File Server Resource Manager (FSRM) quotas and file screens
Then use on install image file that contains a single install image.
Basic Authentication and SSL

9. Srv1 is a Server 2008 R2 file server. If you want users to be able to access shared files when they are disconnected from the network -
Configure RODC for Administrator Role Separation
Registry on users computer needs to be modified
Configure caching on the shared folder (offline files)
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.

10. Enables you to receive emails when domain users locked out of accounts...
Import-Module
Event Viewer
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Include a server that runs Microsoft Office SharePoint Server 2010

11. You need to recommend the minimum number of logical unit numbers (LUNs) that must be provisioned for Cluster. If the cluster has an even number of nodes ...
Jill came down with 2.50.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Changed manually
Implement one LUN for the quorum and another LUN for the data

12. To join a server/PC outside of the domain to the network...
Recommend Offline Files
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
djoin /requesteodj from internal server - djoin /provision from outside server/PC
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.

13. To backup to tape/robotic tape and to backup VMs you must use...
Assign the application to all client computers by using a GPO.
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Microsoft System Center Data Protection Manager 2010
FFL Windows Server 2008 R2

14. Your file server contains 2 volumes; one that contains the operating system and the other volume contains all data files. Your recovery strategy must meet these requirements: allows the operating system to be restored; allows the data files to be res
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
Add the Windows Server Backup feature and Windows System Image recovery.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
From Server1 - run the Create Basic Task Wizard

15. To ensure that recovery is possible if a file on a file server is deleted accidentally
Modify the local policy to point to the Internal WSUS server
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
Implement Shadow Copies
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

16. You just dconfigured so that Server1 zone is stored in AD and accept secure dynamic updates. What command should be executed so that Server2 can accept secure dynamic updates?
DSMOD
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary

17. You need to modify DNS infrastructure to support dynamic updates to ALL DNS servers; ensure DNS service available even if single server fails; encrypt the synchronization data sent between DNS servers.
Deploy it by using Group Policy Software Installation method
Configure the zone as an Activde Directory-Integrated zone.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
PowerShell 2.0

18. What should be done first to defragment the AD database?
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Run net stop ntds
Authorization Manager

19. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Active Directory Right Management Services (AD RMS)
Changed manually
Then use on install image file that contains a single install image.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library

20. To compact AD database...
Implement folder redirection by using GPO. Then backup the folder redirection target.
FILES option within Ntdsutil
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Create and deploy a logon script that runs Auditpol.

21. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Zone transfer settings
Improve the performance of File Servers

22. UPN Suffix xxxx.com needs to be available for user accounts...
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Add the new UPN Suffix to the forest
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Deploy one new server that runs Windows Server 2008 R2 Enterprise Edition and install the Hyper-V feature on the new server. Then create three child virtual machines.

23. Your AD domain has an OU named Sales OU that contains the user accounts of the Sales department. A new password polity needs to be created for the Sales department that is different from the domain password policy. How is this accomplished?
Implement Windows System Resource Manager (WSRM)
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Add all the sales user accounts into a new global security group. Create a new Password Policy Object (PSO) and apply it to the group.

24. Files servers need to stay connected to the SAN if a NIC fails. You should recommend
Multipath I/O feature
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.

25. You need to design your WSUS infrastructure so that updates are highly available. To do so
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
1) Enable the Audit object access setting in the Local Security Policy for Srv1. 2) Configure auditing in the Certification Authority snap-in.

26. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Windows BitLocker Drive Encryption (Bit Locker)
Configure authorization rules for Web developers on each web server
Basic Authentication and SSL
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP

27. You have a 2008 R2 server configured as Remote Desktop Session host. You need to deploy a line-of-business app; however - the app requires desktop themes to be enabled. Your deployment strategy must meet these requirements: only authorized users must
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Recommend Active Directory delegation
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.

28. Recently it was decided to increase the performance of the company's Web Servers by deploying a NLB Web server farm. You need to ensure that the content is easily replicated across all the servers in the farm. You should implement this.
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Distributed File System (DFS) Replication
Modify the local policy to point to the Internal WSUS server
Implement Windows System Resource Manager (WSRM)

29. To prevent account password from being cached on RODC server...
Microsoft Desktop Optimization Pack (MDOP) to your company
Configure RADIUS accounting by using local file loggin on each server. Store the log files in an Internet Authentication Service (IAS) format on a shared folder on one of the servers (Srv1).
Install the RSAT tool on their workstation to provide for more efficient network management
Modify properties of RODC server computer account.

30. Deployment of 10 WSUS servers across 10 branch office will take place over a three month period. The bandwidth between the corporate office and the branch offices must be minimized due to budget contraints within the company. Admins in the corporate
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Basic Authentication and SSL
WDS

31. AD structure includes a forest with one root domain and one child domain. Child domain lists entries that start with "S-1-5-21" but no account name listed. What should be done so account names are listed?
Creating a data collector set that kick off a scritp that either move or delete files.
Network Load Balancing (NLB) cluster
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.

32. You need to recommend a solution to ensure that users in the Philadelphia corporate office can access the courseware files in the remote Fernwood office. You should deploy this.
Microsoft SharePoint Foundation 2010
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Domain based DFS namespace and configure a DFS replication group
Repadmin

33. If you need a VPN soluction that stores VPN passwords as encrypted text and supports automatic enrollment of certificates
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Ntdsutil
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.

34. ServerA collects all events that occur on domain controllers with minimum effort from Event Viewer - what should be done to ensure notified when specific event occurs on any domain controllers...
A Distributed File System (DFS) namespace
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Configure authorization rules for Web developers on each web server
From Server A - run Create Basic Task Wizard

35. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Configure Audit Special Logon and define Special Groups
Recommend Active Directory delegation
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
An Active Directory subnet object needs to be created.

36. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Offline domain join
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.

37. Two different solutions are available to help assign IP addresses to remote clients that need to VPN or Dial-in to the branch office.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

38. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
AD Domains and Trusts
Network Load Balancing (NLB)
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up

39. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Test-AppLockerPolicy
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Microsoft System Center Data Protection Manager 2010

40. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Microsoft SharePoint Foundation 2010

41. Capture all replication errors from all your DCs to a central location...
Increase the tombstone lifetime for the forest.
Configure event log subscriptions
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.

42. If you need to minimize the bandwidth for installation
Install Windows Server 2008 R2 Web Edition - it will use the least amount of disk space.
Utilize IFM (Install From Media)
Implement a Remote Desktop Connection Broker (RD Connection Broker)
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).

43. When backing up multiple servers it is a Microsoft best practice to add the authorized user or group to the

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

44. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Implement Windows System Resource Manager (WSRM) and configure user policies
Deploy Microsoft System Center Operations Manager (SCOM)
Assign the application to all client computers by using a GPO.
Install Hyper-V role and convert physical machines into virtual machines

45. You need a solution that meets policy while minimizing hardware and software costs
Properties of PSO need modified
Event Log Subscriptions
Create a new Password Settings Object (PSO) for the IT users.
Improve the performance of File Servers

46. You have a main office and a branch office. Your Active Director domain runs at functional level Windows Server 2008. You are planning to implement file servers in each office. Your file sharing implementation must meet the following requirements: us
DFL needs to be Windows Server 2008
Group Policy Preferences
Modify properties of RODC server computer account.
Implement a domain-based DFS namespace that uses replication

47. SrvA has the AD LDS role and an instance named LDSInst1. You connect to this instance by using the ADSI Edit utility. When you execute the Create Object wizard there is no User object class. What should be done so you can create user objects in LDSIn
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
net stop ntds
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Modify the schema of LDSInst1

48. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Assign the application to computers in the PC OU
DFL needs to be Windows Server 2008
Perform an authoritative restore

49. To be able to user an application from one AD FS with authentication server to another...
Implement Network Access Protection (NAP) that uses 802.1x enforcement
A relying party trust should be created.
Install From Media IFM
Windows System Resource Manager (WSRM)

50. The strongest form of NAP is
Create an e-mail account in AD DS for your RMS users.
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
IPSec based enforcement. IPSec enforcement should be used when you want a stronger solution than 802.1x - DHCP or VPN based NAP. IPSec based NAP cannot be bypassed by modifying the NAP agent/client.
Subnet object needs to be created