SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If the branch office has its own high speed WAN link and you need to minimize traffice between the corporate office and the Branch office - configure this.
Raise the DFL to Windows Server 2008 R2.
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Implement GPO for all client computers
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
2. George's user account has been deleted in Active Directory. George's user account needs to be restored by usine minimal amount of effort. What should be done?
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
Perform an authoritative restore
Deploy a failover cluster that uses Node and File Share Disk Majority
Prestage the computer account in AD
3. You have 5 windows Server 2008 R2 servers that are configured with the File Server role. you need to monitor the file servers with the following requirements in mind: administrators must be able to create reports that display folder usage by differen
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
dsa.msc - dsamain.exe - ntdsutil.exe
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Add George to the Domain Admins group.
4. All servers are 2008 R2. All client computers are Vista and have Outlook 2007 installed. Following resources are being accessed: exchange 2010 by using Outlook 2007 - database server on TCP port 38968 - 2008 R2 file servers. You need to provide users
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Active Directory Domains and Trusts
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
5. To be able to remotely administer DNS servers that run on the Server Core installation of Server 2008 R2 - via MMC console
Multipath I/O feature
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Administrators is the minimum group membership required to complete this procedure.
6. Srv1 - Srv2 - Srv 3 are Network Policy Servers (NPS) that function as RADIUS Servers. Srv1 is also Microsoft SQL Server 2008 server. The network has 20 wireless access points that are configured as RADIUS clients. You need an audit strategy with the
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
7. If you need to ensure that data is protected by BitLocker then you will...
Your machine and remote desktops
Multipath I/O feature
NOT be able to store that data on an iSCSI SAN
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
8. You need a strategy for backing up your 2008 R2 file servers according to these: allows for individual file restore; allows for complete server recovery; supports scheduled backups; provides decentralized control over backups and recovery; minimizes
Deploy a failover cluster that uses Node and File Share Disk Majority
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Back up to an external USB drive by using Windows Server Backup
9. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Active Directory Domains and Trusts
WDS
Network Load Balancing (NLB)
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
10. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Deploy a failover cluster that contains one node in each office.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Configure Audit Special Logon and define Special Groups
Purchase one additional Enterprise License
11. File that contains the last logon time and custom attributes values for each user in your forest.
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Get-ADUser cmdlet
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
12. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Dynamically expanding VHD's
Back up to an external USB drive by using Windows Server Backup
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Active Directory Right Management Services (AD RMS)
13. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Share and Storage Management
Implement Distributed File System Replication (DFSR) on both servers
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
14. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
15. You need to allow remote access to the servers on your network while meeting the following requirements: all remote connections to the servers must be encrypted; all remote authentication attempts to the servers must be encrypted; only inbound connec
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Ldp
16. You need to deploy a distributed database application that meets the following: allocates storage to servers as required; isolates storage traffic from the exisiting network; ensures that data is available if a single disk fails; ensures that data is
WDS
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Install the RSAT tool on their workstation to provide for more efficient network management
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
17. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
IIS Manager user account
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Install the RSAT tool on their workstation to provide for more efficient network management
Event Subscriptions
18. You have a single AD domain named ad.company.com. The FFL is windows 2000 and the DFL is Windows 2000 Native. The UPN suffix company.com needs to be available for user accounts. What should be done first?
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Create a new Password Settings Object (PSO) for the IT users.
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Add the new UPN suffix to the forest.
19. 4 steps to perform offline Defragmentation of AD database...
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Active Directory Users and Computers
Incoming external trust
20. You need to come up with a solution for managing user accounts that: allows Help Desk department to manage the user objects in all domains and minimize the administrative effort required to manage the frequent changes to the Help Desk department
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Network Load Balancing (NLB) Cluser for the front end WSUS servers. This will allow users to have the continued access in the event that WSUS servers become unavailable.
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
21. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Incoming external trust
Deploy an additional WSUS server for the remote teachers. Configure the remote teacher's laptops to use the additional WSUS server. Configure the addtional WSUS server to leave the updates on the Microsoft Update Web Site.
Storage manager for SANs
Then configure auto enrollment of certificates and Credential Roaming.
22. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
Active Directory snapshots and Tombstone reanimation
Increase the tombstone lifetime for the forest.
Use a GPO to configure device installation restrictions
Configure caching on the shared folder and configure offline files to use encryption
23. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Use a GPO to configure device installation restrictions
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
802.1.x NAP
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
24. What should be done so the application does not fail after 30 days while still keeping the password policy in mind?
Configure block inheritance on the IT OU
New ACCOUNT STORE should be added and configured
Configure event log subscriptions
Execute the Set-ADServiceAccount cmdlet
25. When taking files offline there is always a security risk. Corporate files now reside on a laptop that will leave the confines of the corporate office. When taking files offline it is best practice to help protect these files using
A Fibre Channel (FC) disk storage subsystem that uses Microsoft Multipath I/O. Configure a RAID 5 array.
Win2000
Dynamically expanding VHD's
Encrypting File System (EFS). This can be enabled locally or through a GPO.
26. You are evaluating whether to use express installation files as an update distribution mechanism. The technical requirement that
net stop ntds
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Configure Audit Special Logon and define Special Groups
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
27. If you want to implement BitLocker and store recovery informaiton in a central location
Create ADMX and ADML files. Configure the GPO and link it to the domain.
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
28. You need to allow a user to add a single computer to a domain - without any additional rights...
Certificate Templates
Prestage the computer account in AD
Network Load Balancing (NLB) cluster
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
29. To allow a specifc user or group to manage the address information for the user accounts...
MEDV to deploy virtual desktops
WSUS server in the branch office in replica mode.
Recommend Active Directory delegation
Configure Firewall Group Policies and link them at the Domain level
30. You need a solution that allows a global group to perform the following: stop and start services; change registry settings; change network settings
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
New ACCOUNT STORE should be added and configured
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Then configure GlobalNames zones on each domain controller.
31. To defragment and AD database...
net stop ntds
Active Directory Users and Computers utility
Recommend Offline Files
Test-AppLockerPolicy
32. GPO setting to prevent all users from running an application
Implement Windows BitLocker Drive Encryption (BitLocker)
Dsmgmt
Software Restriction Polices
Ntdsutil
33. Enables you to receive emails when domain users locked out of accounts...
Software Restriction Polices
Event Viewer
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
34. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
Windows Deployment Services (WDS)
Assign the application to computers in the PC OU
Configure authorization rules for Web developers on each web server
Zone transfer settings
35. You need to create a DNS infrastructure that must allow client computers in each office to register DNA names within their respective offices and client computuers must be able to resolve names for hosts in all offices
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Create an Active Directory-Integrated zone.
Dfsrdiag
36. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
37. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Import-Module
Repadmin
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Microsoft Desktop Optimization Pack (MDOP)
38. All DCs have been upgraded from Windows Server 2003 to Windows Server 2008 R2. What should be done to ensure the Sysvol share replicates by using DFS Replicaiton (DFS-R)?
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
WSUS server in the branch office in replica mode.
Raise the DFL to Windows Server 2008 R2.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
39. Your DFS deployment needs to meet these requirements: minimize the bandwidth required to replicate data; ensure users see only folders to which they have access; ensure users can access the data locally.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
Registry on users computer needs to be modified
Include a server that runs Microsoft Office SharePoint Server 2010
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication
40. To modify several user accounts to a new UPN suffix
Windows BitLocker Drive Encryption (Bit Locker)
1) Remove the Auth Users account from the Secutiy tab of the company.com DNS zone properties. 2) Assign the server computer accounts to the Allow on Create All Child Objects permission on the Security tab of the company.com DNS zone properties.
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Active Directory Users and Computers utility
41. you have fewer Server 2003 servers that have Terminal Services installed. you also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meet the following: encrypts all remote connections to the ter
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Deploy it by using Group Policy Software Installation method
Event Viewer
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
42. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Then configure auto enrollment of certificates and Credential Roaming.
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Use a GPO to configure device installation restrictions
FFL Windows Server 2008 R2
43. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Modify the schema of LDSInst1
44. In Active Directory Sites and Services - what should be configured to ensure domain controllers only replicate between domain controllers in adjacent sites?
The applications within the VM by using RemoteApp. Create a RemoteApp and Desktop Connection for each VM.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
Windows BitLocker Drive Encryption (Bit Locker)
Disable Site Link Bridging from the IP properties
45. If you need to deploy multiple servers through automation of installation and activation and minimize network traffic
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
Modify zone transfer settings for company.com zone on DCA
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
46. You have two offices that are connected via a WAN link. Each office has a 2008 R2 file server. Users store their data on their local file server - but they can also acces data from the other office. You must implement a data solution according to the
Microsoft Application Virtualization (AppV)
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Install the full installation of Windows Server 2008 R2 Web Edition on two servers - and configure them in a Network Load Balancing cluster
Implement Distributed File System Replication (DFSR) on both servers
47. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Distributed File System (DFS) Replication
Configure block inheritance on the IT OU
PDC emulator with w32tm.exe
WSUS server in the branch office in replica mode.
48. SrvA has Remote Desktop Services role installed. You notice that users are consuming more than 40% of CPU resources. You want to prevent them from consuming more than 10% - however - administrators should not be limited.
Prestage the computer account in AD
Implement Windows System Resource Manager (WSRM) and configure user policies
Properties of PSO need modified
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
49. A script fails to create user accounts. Which cmdlet should be added to the script to create user accounts?
Enable Windows Remote Management (WinRM) on the servers.
Import-Module
DFL needs to be Windows Server 2008
Include a server that runs Microsoft Office SharePoint Server 2010
50. Striped volumes
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Add the user to the Domain Admins global group
Event Log Subscriptions
Improve the performance of File Servers