Test your basic knowledge |

MSITP

Subjects : certifications, msitp, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What role to keep same time as an external server?
PDC emulator with w32tm.exe
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Use CISCO IP Helper command to configure.
Deploy a standalone DFS namespace; Enable access-based enumeration and use DFS Replication

2. What should be done first to defragment the AD database?
Run net stop ntds
Implement folder redirection by using GPO. Then backup the folder redirection target.
1) Stop AD services service 2) Compact ntds.dit 3) Move to %windir% ntds 4) Start AD domain services service
Implement Microsoft System Center Configuration Manager (SCCM) 2007 R2.

3. You have a 2008 R2 serever that has SQL Server 2008 installed. The server has one RAID 5 array and two RAID 1 arrays. You need to allocate hard disck space on the server according to the followign requirements: prevent data los if a single hard disk
Converting physical servers to VMs - implementing SANn and SAN management components such as backup and site resiliency will create additional administrative overhead.
Place the operating system files on one of the RAID 1 array - place the SQL transaction logs on the other RAID 1 array - and place the SQL database files on the RAID 5 array
Then install new Server 2008 R2 Enterprise subordinate CA.
Active Directory Domains and Trusts

4. If you want to allow single-label name resolution
A Distributed File System (DFS) namespace
Jill came down with 2.50.
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.
Then configure GlobalNames zones on each domain controller.

5. PowerShell script to create user accounts with passwords from a file called password.csv
Import-csv password.csv | Foreach {New-ADUser -Name $_.Name -Enabled $true_AccountPassword (ConvertTo_SecureString $_.Password -AsPlainText -force)}
Recommend GPT and basic disks
Modify the schema of LDSInst1
IIS Manager user account

6. DFL is...
One Remote Desktop connection authorization policy (RD CAP) and two Remote Desktop resource authorization polices (RD RAPs)
Group Policy Preferences
Software Restriction Polices
Win2000 Native

7. When deploying servers one would have to include some kind of process that would ultimately join the servers to the domain - this typically would require a script and a reboot. to help eliminate some of the steps involved and automate the deployment
Your machine and remote desktops
Then use on install image file that contains a single install image.
Offline domain join
Group Policy Preferences

8. Several employees say they can't get on domain with "password incorrect" message. What utility tool can be used to identify issue and also ensure users can log into domain?
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
dnscmd
Repadmin
Data Recovery Agent

9. IE can be a security concern - however you can take advantage of Group policies to lock down IE as much as possible

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

10. IF you need to automate deployment of 32 and 64 bit 2008 R2 servers
Then use Windows Deployment Services (WDS) on DHCP1.
Modify the GPO to include folder redirection
Run auditpol and then configure the Security settings of the Domain Controllers OU.
Data Recovery Agent

11. If a new application needs to be deployed on the network and it comes as a .msi package and then do this.
Implement a GPO for each domain
Create an e-mail account in AD DS for your RMS users.
Deploy it by using Group Policy Software Installation method
Upgrade all the client computers to Windows 7 and implement a Secure Socket Tunneling Protocol (SSTP) VPN solution.

12. If the companies support staff is currently using Remote Desktop to connect to the servers in the data center to perform all management tasks - it would be wise to have them instead
Implement Windows BitLocker Drive Encryption (BitLocker)
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Install the RSAT tool on their workstation to provide for more efficient network management
Deploy a GPO for the Sales OU

13. What should be modified so you can use the nslookup utility to list all SRV records for your domain?
New ACCOUNT STORE should be added and configured
Implement a domain-based DFS namespace that uses DFS Replication in a hub and spoke topology
Event Subscriptions
Zone transfer settings

14. You need to recommend a Windows update strategy for the new branch office. The branch office has a 512 Kbps connection the corporate office and a 2 MB connection to the Internet. You should recommend this.
Deploying a WSUS server in replica mode at the Branch office. You can also configure the WSUS in replica mode/split - this will allos the WSUS server to download list of updates from the parent but download the actual updates directly from Windows up
Event Subscriptions
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Execute the Set-ADServiceAccount cmdlet

15. You need to ensure that the guest account on all servers is disabled to
802.1.x NAP
Modify the schema of LDSInst1
Network Load Balancing (NLB) cluster
Discover the run Microsoft Baseline Security Analyzer (MBSA)

16. UPN Suffix xxxx.com needs to be available for user accounts...
Active Directory Users and Computers utility
Add the Remote1-Admins group to the Administrators local group on each server in Remote1.
Implement a domain-based DFS namespace and add a second namespace server; Enable the "Clients fail back to preferred targets" option. Make sure all client computers have at least XP SP2.
Add the new UPN Suffix to the forest

17. In order to reduce the administrative overhead typically involved with viewing event logs across multiple servers you should implement this.
Use Netsh tool from administrator's computer.
Offline domain join
Event Log Subscriptions
Application to the computer if you need to ensure that the application is installed on the computer before the user logs in.

18. When you need to distribute a large number of incoming connections to stateless applications such as Web servers or VPN servers you should implement this.
Subnet object needs to be created
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Implement the Windows Search Service.
Network Load Balancing (NLB)

19. You need to devise a security solution so that after 15 days the documents distributed to the members of the School Board can only be opened by the creator owners in the high school year book department. You should recommend...
Create an e-mail account in AD DS for your RMS users
Configure Audit Special Logon and define Special Groups
Software Restriction Polices
Active Directory Right Management Services (AD RMS)

20. To add a server with AD FS 2.0 role to an existing AD FS farm...
fsconfig on FSSrv2
Implement Network Access Protection (NAP) that uses 802.1x enforcement
Enable - ADoptionalFeature cmdlet
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

21. What should be used to montior the replication of group policy template files when your DFL is set at Windows Server 2008 R2?
Microsoft SharePoint Foundation 2010
Configure Firewall Group Policies and link them at the Domain level
Dfsrdiag
Active Directory Domains and Trusts

22. The ability to set quotas at the volume level has been around for many years - however if you have have servers that need quotas - but instead of placing the quota at the volume level you need to place the quota on an individual folder -
Allocate three disks to a single RAID 5 volume for the user data. Allocate two disks to a mirrored volume for the operating system data.
Encrypting File System (EFS). This can be enabled locally or through a GPO.
DISABLE slow link detection in the GPO
Implement File Server Resource Manager (FSRM) quotas on the desired servers

23. Recently you have installed a special application on your web sites that requires using a managed service account on the Web Servers. This application runs on a web server in each of 10 separate Active Directory domains.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

24. To monitor replication of group policy template files when DFL set at Windows 2008 R2...
Configure Firewall Group Policies and link them at the Domain level
Active Directory Users and Computers
Software Restriction Polices
Dfsrdiag

25. Domain.com's network has a single forest and single domain. Users currently share files using the corporate FTP server and DropBox. You need a better solution for managing document and allowing access. The solution must meet the following: allow for
Microsoft SharePoint Foundation 2010
You can apply IE Group Policies only to the OU's that contain clients that must be restricted based on your corporate policies.
Upgrade one of the Server 2003 servers to Server 2008 R2. On this server - implement the Remote Desktop Services Gateway (RD Gateway) role and configure a Remote Desktop Services Resource authorization policy (RD RAP).
Modify zone transfer settings for company.com zone on DCA

26. To modify several user accounts to a new UPN suffix
Purchase one additional Enterprise License
The WSUS client to retrieve updates from Microsoft Update (Do not Store updates locally)
Offline domain join
Active Directory Users and Computers utility

27. If you need to be able to create shared folders on Server 2008 R2
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Install Microsoft Secure Socket Tunneling Protocol (SSTP)
Ensure your account - or the group is a member of the local Administrators group for that specific server.
Active Directory Users and Computers

28. If you need to deploy a DHCP server that supports computers that start from a PXE network adapater and support Win7
In AD Sites and Services - assign a new IP subnet to SiteB - and then move the new DC object to SiteB.
Windows BitLocker Drive Encryption (Bit Locker)
Import-Module
Then use Windows Deployment Services (WDS)

29. Ensure password length for a group set to 12 characters long while others keep password policy
Add-ADFineGrainedPasswordPolicySubject cmdlet
Implement Shadow Copies
Add the IT Help Desk Users to the Group Policy Creator Owners group and then create a new Starter GPO.
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

30. Your domain has three OUs - HR - IT - and Sales. You need to redesign the layout of the OUs to support the following: Prevent GPOs that are linked to the domain from applying to computers located in IT OU; minimize number of GPOs; minimize number of
Service user account for AD LDS
Configure block inheritance on the IT OU
Implement a GPO for each domain
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie

31. You plan to deploy 12 file servers. All computers and servers connect to Ethernet switches. Your data storage solution must meet these: maximizes performance and fault tolerance; allocates storage to the servers as needed; utilizes the existing netwo
Install Windows Server 2008 R2 Datacenter Edition on each server. Deploy the servers in a failover cluster. Deploy an iSCSI storage area network (SAN) - You have a main office and branch office.
Remote Desktop Virtualization host - you wouldn't want all the users on the same Remote Desktop Session host to be local administrators.
Domain based Distributed File System (DFS) namespace and DFS Replication.
Winrm quickconfig

32. DCA is DC and DNS server that holds ADI zone for company.com DNSB is member server that has DNS server role installed. What should be done so DNSB can get zone updates from DCA?
Modify zone transfer settings for company.com zone on DCA
Either implement a DHCP server at the branch office - or configure a "Static Pool" on the RRAS server itself. If deploying a DHCP server at the branch office isn't an option - then once the Remote Access Server role has been deployed you can configur
Create an e-mail account in AD DS for your RMS users.
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

33. You have a couple support technicians located in branch office on Server 2008 R2 machines with the following requirements: Install server roles; stop and start services; minimize the security privileges granted to the support technicians
Domain based DFS namespace and configure a DFS replication group
Implement a domain-based DFS namespace that uses replication
Assign the application to computers in the PC OU
Assign the support technicans to the Administrators group on the Windows Server 2008 R2 servers.

34. Company.com is working on a set of corporate documents. These documents are stored in a shared folder on your corporate file server. You need to protect documents as they get created.
Event Viewer
Group Policy Preferences
Deploy Microsoft SharePoint Foundation 2010 - and then migrate the share to a new document library. Enable versioning for the library
Install File Server Resource Manager (FSRM) role service - and then configure Quota Managment and Storage Reports Management

35. You need to design your WSUS infrastructure so that updates are highly available. To do so
AD RMS
Add the new UPN suffix to the forest.
Implement a domain-based DFS namespace that uses replication
Store the WSUS updates on a Distributed File System (DFS) link that uses multiple replicating targets.

36. To enable the AD Recycle Bin
Encrypting File System (EFS). This can be enabled locally or through a GPO.
Configure an audit policy by editing the default domain policy and configure Event Forwarding
Enable - ADoptionalFeature cmdlet
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

37. What shold be done to configure AD RMS so users can protect their data?
Attach VHD file created by Windows server backup
Subnet object needs to be created
Dsmgmt
Create an e-mail account in AD DS for your RMS users

38. You need to plan the deployment of an application that must meet these requirements: users must have - access to the app when they are connected to the network; access the application from an icon on their desktops.
Loopback Processing - The purpose of the Loopback Processing policy is to prevent usesr policies that currently affect the user from following them to a publicly used or (shared remote desktop) computer. We may indeed in many cases want these policie
Assign the application to all client computers by using a GPO.
Deploy the Root CA certificate to the external computers.
Your machine and remote desktops

39. Capture all replication errors from all your DCs to a central location...
Implement folder redirection by using GPO. Then backup the folder redirection target.
Then deploy Windows Deployment Services (WDS) and Transport Server feature and configure transport server to use static multicast address range.
Configure event log subscriptions
The computer must be connected to the network when the end user clicks the icon and launches the install of the application.

40. To decrease the amount of time it takes for the certain users to generate reports. You should recommend
Windows Server 2003
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
Passive file screens
Windows System Resource Manager (WSRM)

41. 2 ways to relocate user and computer accounts to different OUs
Repadmin
DSMOD - ADUC
On one server - create event subscriptions for each server...on the server - attach tasks to the application error events
Add the Windows Server Backup feature and Windows System Image recovery.

42. Tool to allow a user to administer an RODC while minimizing the number of permissions assigned to user.
Dsmgmt
An Active Directory subnet object needs to be created.
Domain based Distributed File System (DFS) will reduce network traffic
Create TWO new starter GPO's one with user administrative templates configure - and one with computer admin template configured - and export them to .cab files - and make the .cab files available in both forests...Then when creating new group policie

43. Policy states that domain controllers cannot contain optical drives. You need a backup and recovery plan that restores the domain controllers in the event of a catastrophic server failure. To accomplish this
Use Windows Server Backup to back up each domain controller to a remote network share. Use Windows Deployment Services (WDS) to deploy the Windows Recovery Environment (Windows RE)
Implementing a Central Store. This will allow custom .admx files to replicate and be available to administrators on any administrative workstation with the RSAT tools installed in the enterprise
Congifure the new Local User and Groups by using Group Policy Preferences option and link the policy to the Branch office site.
Click Start - click Run - type cmd - and then press ENTER. - At the command prompt - type dsmgmt.exe - and then press ENTER. - For a list of valid parameters - type ? - and then press ENTER. - By default - no local administrator role is defined on th

44. All DCs run Windows Server 2008 R2 and have the DNS Server role installed. The domain controllers for each location are stored locally. Each has its own standard primary zone to support its local domain.You need a plan that meets the following: WAN l
Domain based DFS namespace and configure a DFS replication group
Create a standard secondary of domain and create standard secondary of other domain.
Your machine and remote desktops
You could restore the backup to an alternate location. Then mount the database using the AD Database Mounting Tool (Dsamain.exe)

45. AD RMS is being used on the network. George is only a member of the AD RMS Enterprise Administrators group. Mitt needs to be able to change the service connection point (SCP) for the AD RMS installation. What should be done so George can accomplish t
Configure each SharePoint site to use a separate application pool - and then implement Windows System Resource Manager (WSRM)
Creating a data collector set that kick off a scritp that either move or delete files.
Add George to the Domain Admins group.
dsa.msc - dsamain.exe - ntdsutil.exe

46. What should be done to identify which LDAP computers are using the largest amount of available CPU resources on a DC?
Assign the application to all client computers by using a GPO.
Jill came down with 2.50.
Execute the Active Directory Diagnostics Data Collector Set and then review the report.
Implement Windows System Resource Manager (WSRM) and configure user policies

47. To compact AD database...
Implement Windows System Resource Manager (WSRM)
Apply a WMI Filter to the policy. Note: You can use a WMI filter to filter out VM from being affected by a GPO the same way you can a physcial machine.
Active Directory snapshots and Tombstone reanimation
FILES option within Ntdsutil

48. To backup Virtual Machines
Deploy Microsoft System Center Data Protection Manager 2010 and create a new protection group.
fsconfig on FSSrv2
Import-Module
Dsmgmt

49. The servers in each office run Server 2008 R2 Enterprise Edition. You need to plan a failover cluster solution to service users in both offices that meet these: maintain the availability of services if a single server fails; minimize the number of se
Deploy a failover cluster that contains one node in each office.
Modify properties of RODC server computer account.
Dfsrdiag
Offline domain join

50. To ensure that administrators are allowed to install USB drives on their Windows 7 computers - but NOT allow non-administrators
Create ADMX and ADML files. Configure the GPO and link it to the domain.
1) Restart dc in DirectoryServiceRestoreMode - 2) Restory system state data to date before organizational unit was deleted - 3) Use ntdsutil utility to mark organizational unit as authoritative 4) Restart Domain Controller
Use a GPO to configure device installation restrictions
Install the File Server Resource Manager (FSRM) role service on the sales department file server. Configure hard quotas and file screening.