Home / Microsoft / AZ-800

Microsoft AZ-800 Practice Test - Questions Answers, Page 12

Question list

List of questions

Question 111

(0)

HOTSPOT You have a Group Policy Object (GPO) named GPO1 that contains user settings only. You plan to apply GPO1 to a global security group named Group1. You link GP01 to the domain, and you remo

Question 112

(0)

HOTSPOT You have a server named Server1 that runs Windows Server Server1 has a just-a-bunch-of-disks (JBOD) enclosure attached. You plan to create a storage pool on Server1 and a virtual disk tha

Question 113

(0)

HOTSPOT Your company has offices in Boston and Montreal. The offices are connected by using a 10-Mbps WAN link that is often saturated The office in Boston contains the following: • An Active Dire

Question 114

(0)

Your network contains an Active Domain Services (AD DS) forest. The forest contains three domains. Each domain contains 10 domain controllers. You plan to store a DNS zone in a custom active Direc

Question 115

(0)

Your network contains a Active Directory Domain Service (AD DS) forest named contoso.com. The forest root domain contains a server named server1. contoso.com. A two-way forest trust exists between t

Question 116

(0)

Your network contains a single-domain Active Directory Domain Services (AD DS) forest named conto.com. The forest contains the servers shown in the following exhibit table. You plan to install a

Question 117

(0)

You have an Azure virtual machine named Server1 that runs a network management application. Server1 has the following network configuration. * Network interface.Nic1 * IP address 10.1.1.1/24 * C

Question 118

(0)

Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains three domains. Each domain contains 10 domain controllers. You plan to store a DNS zone in a custom Acti

Question 119

(0)

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant Group writeback is enabled in Azure AD Connect. The AD DS domain c

Question 120

(0)

You have a server named Server1 that runs Windows Server. You plan to host applications in Windows containers. You need to configure Server1 to run containers. What should you install?

Related questions

Task 4 You need to run a container that uses the mcrmicrosoft.com/windows/servercofe/iis image on SRV1. Port 80 on the container must be published to port 5001 on SRV1 and the container must run in the background

SIMULATION LAB 8 You need to create an Active Directory Domain Services (AD DS) site named Site2 that is associated to an IP address range of 192.168.2.0 to 192.168.2.255.

SIMULATION LAB 10 You need to configure Hyper-V to ensure that running virtual machines can be moved between SRV1 and SRV2 without downtime. You do NOT need to move any virtual machines at this time.

SIMULATION LAB 9 You plan to create group managed service accounts (gMSAs). You need to configure the domain to support the creation of gMSAs.

HOTSPOT Your network contains two VLANs for client computers and one VLAN for a datacenter Each VLAN is assigned an IPv4 subnet Currently, all the client computers use static IP addresses. You plan to deploy a DHCP server to the VLAN in the datacenter. You need to use the DHCP server to provide IP configurations to all the client computers. What is the minimum number of scopes and DHCP relays you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Your network contains an Active Directory Domain Services (AD DS) forest named contoso.com. The root domain contains the domain controllers shown in the following table. A failure of which domain controller will prevent you from creating application partitions?

Task 10 You use a Group Policy preference to map \\dd.contoso.com\instal1 as drive H for all users>. If a user already has an existing drive mapping for H. the new drive mapping must take precedence.

DRAG DROP You have a disaggregated cluster deployment. The deployment contains a scale-out file server (SOFS) cluster that runs Windows Server and a compute duster that has the Hyper-V role enabled. You need to implement Storage Quality of Service (QoS). The solution must ensure that you can control the bandwidth usage between the SOFS cluster and the Hyper-V cluster. Which cmdlet should you run on each cluster? To answer, drag the appropriate cmdlets to the correct clusters. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Answer:

HOTSPOT Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the VPN servers shown in the following table. You have a server named NPS1 that has Network Policy Server (NPS) installed. NPS1 has the following RADIUS clients: VPN1, VPN2, and VPN3 use NPS1 for RADIUS authentication. All the users in contoso.com are allowed to establish VPN connections. For each of the following statements, select Yes If the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Task 8 You need to deploy a new primary DNS zone named fabrikam.com to DC1. The zone must be signed.

Question 111

HOTSPOT

You have a Group Policy Object (GPO) named GPO1 that contains user settings only.

You plan to apply GPO1 to a global security group named Group1.

You link GP01 to the domain, and you remove all the permissions granted to the Authenticated Users group. You need to configure permissions for GP01 to meet the following requirements.

• GPO1 must apply only to the users in Group 1.

• The solution must use the principle of least privilege

Show Answer Comment (0)

Question 112

HOTSPOT

You have a server named Server1 that runs Windows Server Server1 has a just-a-bunch-of-disks

(JBOD) enclosure attached.

You plan to create a storage pool on Server1 and a virtual disk that will use a mirror layout.

You are considering whether to use a two-way or a three-way mirror layout.

What is the minimum number of disks required for each type of minor layout? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Show Answer Comment (0)

Question 113

HOTSPOT

Your company has offices in Boston and Montreal. The offices are connected by using a 10-Mbps WAN link that is often saturated The office in Boston contains the following:

• An Active Directory Domain Services (AD DS) domain controller named DC1.

• A server named Server1 that runs Windows Server and has the File Server role installed The office in Montreal contains 20 client computers that run Windows 10 Montreal does NOT have any servers. The company plans to deploy a new line of business (LOB) application to all the client computers. The installation source files for the application are in \\Server\Apps.

Show Answer Comment (0)

Question 114

Your network contains an Active Domain Services (AD DS) forest. The forest contains three domains.

Each domain contains 10 domain controllers.

You plan to store a DNS zone in a custom active Directory partition.

You need to create the Active Directory partition for the zone. The partition replicate to only four of the domain controllers. What should you use?

DNS Manager

New-ADObjett

dnscnd.exe

Windows Admin Center

Show Answer Comment (0)

Question 115

Your network contains a Active Directory Domain Service (AD DS) forest named contoso.com. The forest root domain contains a server named server1. contoso.com. A two-way forest trust exists between the contoso.com forest and an AD DS forest named fabrikam.com. The fabrikam.com forest contains 10 child domains. You need to ensure that only the members of a group named fabrikam\Group1 can authenticate to server1.contoso.com. What should you do first?

Change the trust to a one-way external trust.

Add fabrikam\Group1 to the local Users group on server1.contoso.com.

Enable SID filtering for the trust.

Enable Selective authentication for the trust.

Show Answer Comment (0)

Question 116

Your network contains a single-domain Active Directory Domain Services (AD DS) forest named conto.com. The forest contains the servers shown in the following exhibit table.

You plan to install a line-of-business (LOB) application on Server1. The application will install a custom windows services. A new corporate security policy states that all custom Windows services must run under the context of a group managed service account (gMSA). You deploy a root key. You need to create, configure, and install the gMSA that will be used by the new application.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

On Server1, run the install-ADServiceAccount cmdlet.

On DC1, run the New-ADServiceAccount cmdlet.

On DC1, run the Set_ADComputer cmdlet.

ON DC1, run the Install-ADServiceAccount cmdlet.

On Server1, run the Get-ADServiceAccount cmdlet.

Show Answer Comment (0)

Question 117

You have an Azure virtual machine named Server1 that runs a network management application.

Server1 has the following network configuration.

* Network interface.Nic1

* IP address 10.1.1.1/24

* Connected to: Vnet1/Subnet1

You need connect Server1 to an additional subnet named Vnet1/Subnet2.

What should you do?

Create a private endpoint on Subnet2

Add a network interface to server1.

Modify the IP configurations of Nic1.

Add an IP configuration to Nic1.

Show Answer Comment (0)

Question 118

Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains three domains. Each domain contains 10 domain controllers. You plan to store a DNS zone in a custom Active Directory partition.

You need to create the Active Directory partition for the zone. The partition must replicate to only four of the domain controllers. What should you use?

ntdsutil.exe

Active Directory Sites and Services

New-ADobject

Active Directory Administrative Center

Show Answer Comment (0)

Question 119

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant Group writeback is enabled in Azure AD Connect. The AD DS domain contains a server named Server1 Server 1 contains a shared folder named share1.

You have an Azure Storage account named storage2 that uses Azure AD-based access control. The storage2 account contains a share named shared You need to create a security group that meets the following requirements:

• Can contain users from the AD DS domain

• Can be used to authorize user access to share 1 and share2

What should you do?

in the AD DS domain, create a universal security group

in the Azure AD tenant create a security group that has assigned membership

in the Azure AD Tenant create a security group that has dynamic membership.

in the Azure AD tenant create a Microsoft 365 group

Show Answer Comment (0)