SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. DCDNS1 is a DC and DNS server that host and ADI zone for company.com and is located in the main office. DNS2 is a DNS server that hosts a secondary zone for company.com and is located in the branch office. FSrv1 is a new file server that is located i
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Winrm quickconfig
Refresh the zone on DNS2
2. What GPO setting should be configured to prevent all users from running an application?
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Create a Network Load Balancing cluster.
Software Restriction Polices
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
3. You have a main office and 2 branch offices. Your OU structure mimics this. The branch office admins need to be able to apply GPOs only to their respective OUs. What 2 steps should you take to accomplish this?
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
Group Policy Preferences
View properties of %systemroot%ntdsntds.dit
Network Load Balancing (NLB)
4. You need to design patch management for satellite offices that meet the following requirements: WSUS updates are approved independently for each satellite office; Internet traffic is minimized. To accomplish
Configure an audit policy by editing the default domain policy and configure Event Forwarding
In each satellite office - install a WSUS server and configure the WSUS servers to use the main office WSUS server as an upstream server.
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
WSUS servers running in replica mode - and configure them to download updates from the WSUS server in the main office
5. Tool to montior replicaiton of group policy template files when DFL set at Windows SVR 2003
fsconfig on FSSrv2
Ntfrsutil
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management
6. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Execute the Set-ADServiceAccount cmdlet
Dsmgmt
Your machine and remote desktops
Modify the DNS zone replication properties of the root domain - and change it to the ForestDNSZones application directory partition
7. To create and additional AD LDS applicaiton directory partition in existing instance...
Ldp
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Create a user and designate him as a recovery agent by issuing him a data recovery certificate.
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
8. You have a forest with two domains - all servers run 2008 R2 - and all DCs contain DNS. A member server has a primary zone for test.company.com. What should be done so all DCs can resolve names from test.company.com zone?
Login to one DC and create and configure a conditional forwarder to replicate to all DNS servers in the forest.
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Configure event log subscriptions
Store all sensitive files in EFS encrypted folders and require home users to access the files by using SSTP
9. If you need to be able to create shared folders on Server 2008 R2
Perform an authoritative restore
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Establish a Federated Trust between your company and the external partner. Deploy a 2008 R2 server that runs MIcrosoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD MS) role installed.
File Server Resource Manager (FSRM) quotas and file screens
10. To allow a specifc user or group to manage the address information for the user accounts...
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
IIS Chared Configuration
Improve the performance of File Servers
Recommend Active Directory delegation
11. Company users IPV4 and IPV6. A PC uses IPV6 and can no longer authenticate off the DC. What can be done to ensure IPV6 computers authenticate to DCs in same site...
Subnet object needs to be created
Modify zone transfer settings for company.com zone on DCA
New ACCOUNT STORE should be added and configured
Recommend Offline Files
12. You need to allow a user to add a single computer to a domain - without any additional rights...
Configure caching on the shared folder (offline files)
Prestage the computer account in AD
WSUS server in the branch office in replica mode.
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
13. You need to consolidate 120 physical servers into 35 physical servers that run Windows Server 2008 R2 while meeting the following: maximize resource utilization; use existing hardware and software; support 64-bit child virtual machines; maintain sepa
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
Install Hyper-V role and convert physical machines into virtual machines
Microsoft Desktop Optimization Pack (MDOP)
Configure the zone as an Activde Directory-Integrated zone.
14. Your data recovery strategy for your Server 2008 R2 file server must meet the followign requirements: All data volumes on the server must be backed up daily; backups must have a minimal impact on performance; if a disk fails - the recovery strategy m
Event Log Subscriptions
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Use Windows Server Backup to perform a daily backup to an external disk. Enable shadow copies for the volumes that contain shared user data. Store the shadow copies on a separate physical disk.
15. To backup Virtual Machines
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Deploy Microsoft System Center Operations Manager (SCOM)
Use the Local Roles options with dsmgmt.
Offline domain join
16. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
Recommend Group Policy preferences
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Recommend one AD based service account for each web site in each domain - that would mean 10 total. NOTE: Because you're using AD accounts that there is one web site in each domain the number of service accounts will match the number of domains.
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
17. There are now 4 primary types of VPN solutions - PPTP - L2TP - SSTP and Direct Access. If you need to implement a VPN on Vista SP1 or higher machines you can implement SSTP.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on other company's PDC emulator.
Configure the zone as an Activde Directory-Integrated zone.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
18. To ensure that the branch office with its own high speed internet connection receives the exact same updates as the corporate office you should recommend this.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
Configure Audit Special Logon and define Special Groups
Migrate the namespace to Windows SErver 2008 mode and enable access based enumeration (ABE). NOTE: ABE is a new feature in SERVER 2008; this requires that all DFS Server be 2008 or later.
IIS Manager user account
19. You have 9 2008 R2 servers that host Web apps. You need a remote mgmt strategy to manage the Web servers according to these requirements: Web developers need to be able to configure features on the Web sites; Web developers should not have full admin
Enable Windows Remote Management (WinRM) on the servers.
Configure authorization rules for Web developers on each web server
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Authorization Manager role assignment
20. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
Recommend Active Directory delegation
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Create a Network Load Balancing cluster.
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
21. So a user can install updates on an RODC while preventing them from logging on to any other domain controller...
Create a standard secondary of domain and create standard secondary of other domain.
Use local roles options within "dsmgmt"
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
Configure RODC for Administrator Role Separation
22. Capture all replication errors from all your DCs to a central location...
Configure event log subscriptions
Add the user to the Domain Admins global group
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.
Share and Storage Management
23. To ensure that user's documents are stored on the file server and thus subject to the corporate backup solution - you should implement this.
Recommend Group Policy preferences
Configure the zone as an Activde Directory-Integrated zone.
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Folder redirection. Folder redirection is also useful when using roamin profiles.
24. To speed up the deployment of the RODC in the new branch offices you should take advantage of this.
A relying party trust should be created.
Use CISCO IP Helper command to configure.
From Server A - run Create Basic Task Wizard
Install From Media IFM
25. To ensure that a group in not giving too many permissions when delegating be sure to delagate permissions at the lower level OUs vs. at the domain level for example
Deploy a GPO to the WebSrvOU
Assign permissions for the Groups OU and Branch OU to the help desk technicians.
Share and Storage Management
Run the Delegation of Control Wizard on the Staff OU
26. If you need secure method to verify validity of individual certificates and minimize network bandwidth
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
Install Hyper-V role and convert physical machines into virtual machines
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
Object access auditing on the server that supports the resource. Note: Enabling audit access also helps when auditing your Cert Servers
27. To enable the AD Recycle Bin
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Enable - ADoptionalFeature cmdlet
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Implement Network Access Protection (NAP)
28. What role to keep same time as an external server?
Then use on install image file that contains a single install image.
PDC emulator with w32tm.exe
Implement Windows System Resource Manager (WSRM) and configure a resource-allocation policy for process-based management.
Use Netsh tool from administrator's computer.
29. To reduce the administration involved when making configuration changes in IIS for several servers that are part of NLB Cluster you should implement this.
Dsmgmt
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
IIS Chared Configuration
Create a standard secondary of domain and create standard secondary of other domain.
30. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
Configure offline files and enable manual caching
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Then use Windows Deployment Services (WDS)
Network Load Balancing (NLB)
31. To allow administrators tha trun Windows 7 ability to manage the DNS server that runs on the Server Core installation of Server 2008 R2
AD Domains and Trusts
Configure Audit Special Logon and define Special Groups
Install the Remote Server Administration Tools (RSAT) on the Windows 7 computers.
DSMOD - ADUC
32. The Computer Management snap-in allows you to create shares both on...
Active Directory snapshots and Tombstone reanimation
Your machine and remote desktops
Assign the application to computers in the PC OU
Ntdsutil
33. Need a solution that will ensure that the initial settings when creating new policies for both forests will become more consistent. You should...
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
34. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Incoming external trust
Implement File Server Resource Manager (FSRM) quotas on the desired servers
35. To prevent account password from being cached on RODC server...
Win2000
Group Policy Preferences
dnscmd dcsrv2.company.com /zoneresettype company.com /dsprimary
Modify properties of RODC server computer account.
36. Striped volumes
dnscmd tool
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Printer driver isolation
Improve the performance of File Servers
37. All computers are running either Windows SP2 or Windows 7. You want to audit users that are accessing the administrative shares on all the computers...
Create and deploy a logon script that runs Auditpol.
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
38. If you need to implement Encrypting File System (EFS) and minimize amount of data transferred across and access EFS certs on any client computer
Then use Windows Deployment Services (WDS) on DHCP1.
Configure separate application pools for each application
Enable Credential Roaming
From Server A - run Create Basic Task Wizard
39. To recover objects deleted from Active Directory you should recommend
Domain based DFS namespace and configure a DFS replication group
Active Directory snapshots and Tombstone reanimation
Modify zone transfer settings for company.com zone on DCA
Deploy two writable domain controllers in ad.company.com and recommend to configure both domain controllers as GC's.
40. Help desk staff must be able to update drivers on the domain controllers at the branch office and assign them the proper
Group Policy Preferences
Administrative Role Separation
Certificate Templates
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
41. To minimize the amount of storage required you should recommend
Install a Server Core installation of Windows Server 2008 R2 Enterprise. Note: Remember clusters must be either 2008 Enterprise or Datacenter - you cannot build a Microsoft Cluster using Web or Standard Editions
Share and Storage Management
Create an Active Directory-Integrated zone.
Network Policy Server (NPS) and Routing and Remote Access Service (RRAS)
42. to make shares at a remote location available to users you should implement this.
Win2000
Attach VHD file created by Windows server backup
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
Domain based Distributed File System (DFS) namespace and DFS Replication.
43. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Create a standard secondary of domain and create standard secondary of other domain.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
44. You have few Server 2003 servers that have Terminal services installed. You also have a firewall that runs ISA Server 2006. Your remote access strategy for the terminal servers needs to meeet the following: restricts accsss to specific Remote Desktop
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Use a GPO to configure device installation restrictions
Event Viewer
45. To backup GPO's in domain and minimize bakcup...
The Group Policy Management Console
Autonomous mode...This allows the local administrator to approve their own updates.
Implement File Server Resource Manager (FSRM) quotas on the desired servers
Publish the application as a Remote App. Enable Remote Desktop Web Access (RD Web Access).
46. DFL is...
Win2000 Native
Event Viewer
dnscmd tool
Domain based Distributed File System (DFS) will reduce network traffic
47. To add a server with AD FS 2.0 role to an existing AD FS farm...
Add the user to the Domain Admins global group
fsconfig on FSSrv2
Microsoft Desktop Optimization Pack (MDOP)
Windows Server 2003
48. Need to access some resources in another domain that is part of another forest...What trust is created?
Incoming external trust
Enable - ADoptionalFeature cmdlet
IIS Manager user account
Increase the tombstone lifetime for the forest.
49. You have administrative templates that another company wants to use on their domain. How would you configure the other company's domain to use these administrative templates?
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
50. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Include a server that runs Microsoft Office SharePoint Server 2010
ntdsutil