SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MSITP
Start Test
Study First
Subjects
:
certifications
,
msitp
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If a user needs to access a new cert template when logging on to any client computer in domain and you need to automatically install on each client computer a cert
Configure RADIUS accounting by using SQL loggin on each server and use Srv1 as database for RADIUS aaccounting.
Then configure auto enrollment of certificates and Credential Roaming.
Active Directory Users and Computers
Configure caching on the shared folder (offline files)
2. You need to deploy a new application according to the following requirements: must be available to remote users when they are offline; must access the application from an icon on the Start menu
Then use Key Management Service (KMS) - DHCP server - and Windows Deployment Services.
Assign the application to computers in the PC OU
NOT be able to store that data on an iSCSI SAN
fsconfig on FSSrv2
3. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services connection authorization policy (RD CAP).
Create a new global group named HelpDesk and then add the Help Desk department user accounts to the Helpdesk group. Add the HelpDesk group to the Account Operators group that is in all three domains. A-G-U-L-P.
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Assign the application to all client computers by using a GPO.
4. To make a 64-bit application available to several 32-bit XP SP3 computers in the branch office you could use either a remote desktop session host or a remote desktop virtualization host. However - if the application requires you to be a local adminis
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
5. You need to ensure that the guest account on all servers is disabled to
Configure event log subscriptions
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Implement Windows BitLocker Drive Encryption (BitLocker)
Deploy the application via RemoteApp as an .MSI file and enable File Extension Take over.
6. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Configure an audit policy by editing the default domain policy and configure Event Forwarding
1) Add the branch office admin accounts to teh Group Policy Creator Owners Group. 2) Run the Delegation of Control Wizard and delegate the right to link GPOs for their branch OUs to the branch office admins.
SSTP is a good solution if you have Vista SP1 or higher and your security team has already opened port 443 on the firewall and the coporate security policy states that they would prefer not to open any more ports on the firewall than necessary. SSTP
7. To add a new UPN for all user accounts...
AD Domains and Trusts
Modify the GPO to include folder redirection
Enhanced Storage Access settings in Group Policy on the local machine to require a unique vendor ID to identify the device or even require a certificate for the device to connect to your machine. This policy can even lock the device when the computer
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
8. To enforce corporate policy on ALL computers in the domain to show a legal notice when a user logs on to the domain
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Dsmgmt
Use local roles options within "dsmgmt"
Implement Shadow Copies
9. If you want to implement BitLocker and store recovery informaiton in a central location
Perform an authoritative restore
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Configure caching on the shared folder (offline files)
10. In AD Sites and Service - which level is Universal Group Membership caching activated / deactivated?
Site
Run net stop ntds
Then install new Server 2008 R2 Enterprise subordinate CA.
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
11. To restore previous version of script without taking up too much of time...
Then Upgrade clients to Win7 - implement Enterprise CA on Win 2008 R2 and implement IPSec VPN with cert-based authentication.
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
Test-AppLockerPolicy
Attach VHD file created by Windows server backup
12. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.
Configure the zone as an Activde Directory-Integrated zone.
Microsoft System Center Data Protection Manager
Deploy WSUS server on secure network. From an online WSUS server - copy the update metadata and the WSUS content to the WSUS server on the secure network.
13. You need to deploy apps to client computers according to these req.: apps must be deployed to client computers that meet minimum hardware requirements; detaild reports on success/failure of the app deployments must be provided; deployments must be sc
Increase the tombstone lifetime for the forest.
Refresh the zone on DNS2
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Zone transfer settings
14. You need to generate a report on the status of software updates for your Windows 7 client computers with the following requirements: display all of the operating system updates and Microsoft application updates that installed successfully and failed;
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
Include a server that runs Microsoft Office SharePoint Server 2010
Provide remote access to a Windows Server 2008 R2 server that has the Remote Server Administration Tools (RSAT) installed.
15. To be able to manage all the corporate servers from a workstation - you must install the
Remote Server Administrative Tools (RSAT) on your administrative workstation or laptop
Prestage the computer account in AD
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
16. To configure Administrator Role Separation for an RODC
Domain based DFS namespace and configure a DFS replication group
Winrm quickconfig
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
17. All users store their files in their Documents folder. Some of these are very large. You are going to implement roaming profiles for all your users. You will configure this by using a GPO. To minimize the amount of time it takes for your users to log
Deploy a failover cluster that contains one node in each office.
1) Seize operations master roles from sever1 to server2 2) Rebuild Server as a replica domain controller 3) Transfer operations master roles from Server2 to Server1
Modify the GPO to include folder redirection
Install a full installation of Windows Server 2008 R2 Enterprise Edition on two servers and configure the failover cluster services on them.
18. If you need to change the TCP/IP addresses on 30 servers using the minimum amount of administrative effort
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
19. To identify users who bypass the new corporate security policy -
Configure Audit Special Logon and define Special Groups
newly implemented technologies must have a minimal effect on LAN traffic - is met by using express installation files
Install Hyper-V role and convert physical machines into virtual machines
Active Directory Rights Management Services (AD RMS) and Microsoft SharePoint Foundation 2010
20. All servers run 2008 R2 and all client computers run Windows 7. Provide a necessary access solution that meets: only computers that have the most up-to-date service packs can be granted general network access; all noncompliant computers must be redir
Deploy Microsoft System Center Operations Manager (SCOM)
Implement Network Access Protection (NAP)
Run net stop ntds
Enable Windows Remote Management (WinRM) on the servers.
21. When deploying group polices we want to configure them so that they are applied as quickly as possible. One way this can be done is if the policy only consists of computer settings. If this is the case we can do this.
Upgrading DFS to Windows Server 2008 R2
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
Enable - ADoptionalFeature cmdlet
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie
22. FFL is...
Assign the application to all client computers by using a GPO.
dnscmd tool
Win2000
Include an iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID 5 array.
23. The Computer Management snap-in allows you to create shares both on...
Create an Active Directory-Integrated zone.
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Your machine and remote desktops
Implement Shadow Copies
24. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Utilize IFM (Install From Media)
Offline domain join
Disable Site Link Bridging from the IP properties
Request and obtain a server authentication certificate from a trusted certification authority (CA) in your organization or from a trusted third-party CA - Authorization Manager provides a flexible framework for integratin role-based access control in
25. To minimize the amount of storage used for virtual machines in a Virtual desktop pool the VHD's should be
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
26. New Password Policy needs to be created for OU different from domain password policy
Attach VHD file created by Windows server backup
Add all the particular accounts into a new global security group. - Create new (PSO) and apply to group.
djoin /requesteodj from internal server - djoin /provision from outside server/PC
Then use on install image file that contains a single install image.
27. Within your company you have a server that will be running 8 VMs but only 6 concurrently. Your company has already purchased an Enterprise license for the server.
Software Restriction Polices
Purchase one additional Enterprise License
Microsoft Desktop Optimization Pack (MDOP) to your company
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
28. Srv1 is a file server that has five internal SCSI hard drives. Your storage strategy needs to meet the following requirements: Physically separates the operating system data from the user data; maximize the disk space available for data storage; uses
IIS Chared Configuration
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Microsoft System Center Data Protection Manager 2010
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
29. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Deploy a failover cluster that contains one node in each office.
Configure separate application pools for each application
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
Windows Deployment Services (WDS)
30. In order to manage websites without having to logon you can use
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Your machine and remote desktops
Windows BitLocker Drive Encryption (Bit Locker)
PowerShell 2.0
31. If you need to allow an external partner's computer to access internal network resources by using SSTP
Software Restriction Polices
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Deploy the Root CA certificate to the external computers.
Implement Windows System Resource Manager (WSRM)
32. You need a solution that allows your users to collaborate with each other and that must meet these: enables - full text indexing of all user content - remote access to files by using a Web browser - secure access to files by assigning permisions; sup
Deploy Remote Desktop Connection 7.0 on all computers; Enabled the Desktop Experience feature on the RD Session host; and install the application on the Remote Desktop Services server.
Include a server that runs Microsoft Office SharePoint Server 2010
fsconfig on FSSrv2
Implement a GPO for each domain
33. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
AD Domains and Trusts
Deploy a GPO to the WebSrvOU
Active Directory Right Management Services (AD RMS)
Storage manager for SANs
34. All servers run 2008 R2. All client computers run Windows 7 and Outlook 2010. The sales team needs to use Outlook 2003 to support a custom application. You need a deployment strategy that meets these requirements: provide access to Outlook 2003 and 2
Installing Hyper-V on a Server Core installation of Windows Server 2008 R2 Enterprise
Windows XP Mode
Configure a server with the Remote Desktop Services role and install Outlook 2003 on the Remote Desktop Services server. Then publish Outlook 2003 as a Remote Desktop Services RemoteApp (RD RemoteApp).
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
35. You need to relocate an AD LDS instance from C: Drive to D: Drive
1) Run net stop ADLDS command 2) Use ntdsutil tool to move db files 3) Run net start ADLDS cmd
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
FILES option within Ntdsutil
Move "Infrasture Master" role in child domain to a DC that does not hold the Global Catalog.
36. When recommending the server configurations for the new failover cluster that will live in a virtual environment from Hyper-V Manager on each node - configure ...
One virtual network...Install two network adapaters on each node. Configure the network adapters to communicate on separate subnets.
Create a standard secondary of domain and create standard secondary of other domain.
Create a GPO and link the GPO to the domain then configure the GPO to be enforced
Disable the user half of the policy. For flow reasons we can stop policies from affecting certain computers and users by placing blocks at the OU level. This will prevent the policy from parent OUs from flowing into the child OU as long as the parent
37. You need to ensure that your Windows 2008 R2 file servers meet the following: supports volumes larger than 2 terabytes - if a single disk fails - maintain data redundancy - if a single server fails - maintain access to all data - maximize disk throug
Ldp
Deploy a two-node cluster. Connect an external storage subsystem. Configure the external subsystem as a RAID 10 array - and format the array as a GPT disk.
Then Install IIS on perimeter network and redirect request to Online Responder on internal network.
WSUS server running in replica mode that is configured to download updates from Microsoft Update (a.k.a. replica split)
38. WSUS infrastructure must meet the following: distributed from a central location - all computers must continue to receive updates in the event that a server fails
Configure Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Use the Local Roles options with dsmgmt.
Discover the run Microsoft Baseline Security Analyzer (MBSA)
Implement Network Access Protection (NAP)
39. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.
Your machine and remote desktops
Implement File Server Resource Manager (FSRM) quotas on the desired servers
PowerShell 2.0
40. When recommending a monitoring solution for an application so that it's events can be stored in a central
Data Recovery Agent
Win2000 Native
Event Subscriptions
Run a full back up by using Windows Server Backup - and then run a full back up of the Hyper-V hosts by using Windows Server Backup.
41. RDSRv1 is a Server 2008 R2 Remote Desktop Session Host. RDSrv1 has 8 custome apps installed. Each is configured as a RDP RemoteApp. You notice that when a user runs one of the apps - other users report that the server seems slow and that some apps be
CAPublishGP group should have the Manage CA permission.
Install WSUS 3.0 on a 2008 R2 server and configure Windows Update by using a GPO
Implement Windows System Resource Manager (WSRM)
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
42. All 2008 R2 servers and Windows 7 clients are connected to managed switches. The following are requirements for network access: only client computers that have up-to-date service packs installed can access the network; have up-to-date anti-malware so
Perform an authoritative restore
New ACCOUNT STORE should be added and configured
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
43. PowerShell script to create user accounts with passwords from a file called password.csv
DSMOD
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Upgrade one of the TS to Windows Server 2008 R2 and configure it as the Remote Desktop Services Gateway (RD Gateway). Then implement Network Access Protection (NAP).
Autonomous mode...This allows the local administrator to approve their own updates.
44. Web server administrator's accountsd are in an OU called WebAdminOU and are member of a global group called WebAdmins. To allow the web server administrators to perform administrative tasks on the web servers - but not allow them to perform administr
Add \file2templates as a folder target for \domain.comdfstemplates - Create a DFS replication group that contains \file1templates and \File2templates
Create an e-mail account in AD DS for your RMS users.
Active Directory Users and Computers utility
Deploy a GPO to the WebSrvOU
45. GPO's can be difficult to manage; you need a solution that will include version tracking and offline modifications. You should recommend
Modify properties of RODC server computer account.
Microsoft Desktop Optimization Pack (MDOP) to your company
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Then Migrate DHCP server role from the domain controllers to the files servers. On file servers - add admin for office to DHCP admin local group.
46. Your office has no Internet connection. Your data provisioning solution must meet these requirements: users that are not connected to the network must be able to access files and folders on the network; unauthorized users must not have access to the
In each office - install a WSUS server and configure the WSUS servers as a replica of the main office.
Configure caching on the shared folder and configure offline files to use encryption
Then make sure all DCs are runing Windows Server 2008 R2 - and then use a GPO to enable Trusted Platform Module backups to AD.
Use Netsh tool from administrator's computer.
47. To limit each user's storage space and to prevent users from storing audio and video files on the servers you should recommend
WDS
File Server Resource Manager (FSRM) quotas and file screens
Install a new server that runs a 64-bit version of Windows Server 2008 R2 Enterprise Edition. Install the Hyper-V role. Install the App1 and App2 in separate child virtual machines.
Add the new UPN suffix to the forest.
48. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Folder redirection. Folder redirection is also useful when using roamin profiles.
Microsoft SharePoint Foundation 2010
Implement folder redirection by using GPO. Then backup the folder redirection target.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
49. You need a tool that will help you manage LUN's for both iSCSI and Fibre Channel to support the provision of Virtual disks. You should recommend this.
Winrm quickconfig
Dfsrdiag
Storage manager for SANs
Reinstall AD DS on DCC.company.com as a WRITABLE DC.
50. RDSrv1 is a Server 2008 R2 server with Remote Desktop Services installed. You are planning to establish a Terminal Server Farm that must meet these requirements: New users automatically connect to the terminal server that has the fewest active sessio
AD Domains and Trusts
DISABLE slow link detection in the GPO
Active Directory Domains and Trusts
Implement a Remote Desktop Connection Broker (RD Connection Broker)
