ExamGecko
Search Search Login
Home Home / Microsoft / AZ-800

Microsoft AZ-800 Practice Test - Questions Answers, Page 18

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Task 4 You need to run a container that uses the mcrmicrosoft.com/windows/servercofe/iis image on SRV1. Port 80 on the container must be published to port 5001 on SRV1 and the container must run in the background
SIMULATION LAB 8 You need to create an Active Directory Domain Services (AD DS) site named Site2 that is associated to an IP address range of 192.168.2.0 to 192.168.2.255.
SIMULATION LAB 10 You need to configure Hyper-V to ensure that running virtual machines can be moved between SRV1 and SRV2 without downtime. You do NOT need to move any virtual machines at this time.
SIMULATION LAB 9 You plan to create group managed service accounts (gMSAs). You need to configure the domain to support the creation of gMSAs.
Your network contains an Active Directory Domain Services (AD DS) forest named contoso.com. The root domain contains the domain controllers shown in the following table. A failure of which domain controller will prevent you from creating application partitions?
Task 10 You use a Group Policy preference to map \\dd.contoso.com\instal1 as drive H for all users>. If a user already has an existing drive mapping for H. the new drive mapping must take precedence.
DRAG DROP You have a disaggregated cluster deployment. The deployment contains a scale-out file server (SOFS) cluster that runs Windows Server and a compute duster that has the Hyper-V role enabled. You need to implement Storage Quality of Service (QoS). The solution must ensure that you can control the bandwidth usage between the SOFS cluster and the Hyper-V cluster. Which cmdlet should you run on each cluster? To answer, drag the appropriate cmdlets to the correct clusters. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Answer:
HOTSPOT Your network contains two VLANs for client computers and one VLAN for a datacenter Each VLAN is assigned an IPv4 subnet Currently, all the client computers use static IP addresses. You plan to deploy a DHCP server to the VLAN in the datacenter. You need to use the DHCP server to provide IP configurations to all the client computers. What is the minimum number of scopes and DHCP relays you should create? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Task 8 You need to deploy a new primary DNS zone named fabrikam.com to DC1. The zone must be signed.
Task 6 You need to use Azure File Sync 10 replicate the contents of C:\app on SRV1 to an Azure file share named sharel1. file://dc1.contoso.com/install' > The required source files are located in a folder named \\dc1.contoso.com\install .

Question 171

Report
Export
Collapse

HOTSPOT

Your on-premises network contains a single-domain Active Directory Domain Services (AD DS) forest. You have an Azure AD tenant named contoso.com. The AD DS forest syncs with the Azure AD tenant by using Azure AD Connect.

You need to ensure that users in the forest that have a custom attribute of NoSync are excluded from synchronization.

How should you configure the Azure AD Connect cloudFiltered attribute, and which tool should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 171
Correct answer: Question 171

Explanation:


Question 172

Report
Export
Collapse

You have an Active Directory Domain Services (AD DS) domain. The domain contains three servers named Server 1, Server2, and Server3 that run Windows Server.

You sign in to Server1 by using a domain account and start a remote PowerShell session to Server2. From the remote PowerShell session, you attempt to access a resource on Server3. but access to the resource is denied.

You need to ensure that your credentials are passed from Server1 to Server3. The solution must minimize administrative effort. What should you do?

A.
Configure Kerberos constrained delegation.
A.
Configure Kerberos constrained delegation.
Answers
B.
Configure Just Enough Administration (JEA).
B.
Configure Just Enough Administration (JEA).
Answers
C.
Configure selective authentication for the domain.
C.
Configure selective authentication for the domain.
Answers
D.
Disable the Enforce user logon restrictions policy setting for the domain.
D.
Disable the Enforce user logon restrictions policy setting for the domain.
Answers
Suggested answer: A

Question 173

Report
Export
Collapse

HOTSPOT

Your company has a main office and 10 branch offices that are connected by using WAN links. The network contains an Active Directory domain.

All users have laptops and regularly travel between offices.

You plan to implement BranchCache in the branch offices.

In each branch office, you install a server that runs Windows Server and the BranchCache feature. You register the servers in Active Directory.

You need to configure the laptops to use the local BranchCache server automatically. The solution must minimize administrative effort.

Which two Group Policy settings should you configure? To answer, select the settings in the answer area.

NOTE: Each correct selection is worth one point.


Question 173
Correct answer: Question 173

Question 174

Report
Export
Collapse

OTSPOT

You have an Azure subscription that contains the storage accounts shown in the following table.

In the East US Azure region, you create a storage sync service named Synd.

You need to create a sync group in Synd.

Which storage accounts can you use, and what can you specify as the cloud endpoints? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.


Question 174
Correct answer: Question 174

Question 175

Report
Export
Collapse

You have an on-premises server named Server1 that runs Windows Server. Server1 contains an app named App1 and a firewall named Firewall1.

You have an Azure subscription.

Internal users connect to App1 by using WebSockets.

You need to make App1 available to users on the internet. The solution must minimize the number of inbound ports open on Firewall 1.

What should you include in the solution?

A.
Microsoft Application Request Routing (ARR) Version 2
A.
Microsoft Application Request Routing (ARR) Version 2
Answers
B.
Web Application Proxy
B.
Web Application Proxy
Answers
C.
Azure Relay
C.
Azure Relay
Answers
D.
Azure Application Gateway
D.
Azure Application Gateway
Answers
Suggested answer: C

Explanation:

Topic 4, Labs

Question 176

Report
Export
Collapse

You have a server named Server1 that runs Windows Server. The disks on Server1 are configured as shown in the following exhibit.

You need to convert volume E to ReFS. The solution must meet the following requirements:

* Preserve the existing data on volume E.

* Minimize administrative effort.

What should you do first?

A.
Take Disk 2 offline.
A.
Take Disk 2 offline.
Answers
B.
Back up the data on volume E.
B.
Back up the data on volume E.
Answers
C.
Convert Disk 2 to a dynamic disk.
C.
Convert Disk 2 to a dynamic disk.
Answers
D.
Runconvert.exe.
D.
Runconvert.exe.
Answers
Suggested answer: B

Question 177

Report
Export
Collapse

SIMULATION LAB 1

You need to prevent domain users from saving executable files in a share named \\SRVl\Data. The users must be able to save other files to the share.

A.
See the solution of this Task below
A.
See the solution of this Task below
Answers
Suggested answer: A

Explanation:

One possible solution to prevent domain users from saving executable files in a share named \SRVl\Data is to use file screening on the file server. File screening allows you to block certain files from being saved based on their file name extension. Here are the steps to configure file screening:

On the file server, openFile Server Resource Managerfrom theAdministrative Toolsmenu.

In the left pane, expandFile Screening Managementand click onFile Groups.

Right-click onFile Groupsand selectCreate File Group.

In theFile Group Propertiesdialog box, enter a name for the file group, such asExecutable Files.

In theFiles to includebox, enter the file name extensions that you want to block, such as.exe, .bat, .cmd, .com, .msi, .scr. You can use wildcards to specify multiple extensions, such as *.exe.

ClickOKto create the file group.

In the left pane, click onFile Screen Templates.

Right-click onFile Screen Templatesand selectCreate File Screen Template.

In theFile Screen Template Propertiesdialog box, enter a name for the template, such asBlock Executable Files.

On theSettingstab, select the optionActive screening: Do not allow users to save unauthorized files.

On theFile Groupstab, check the box next to the file group that you created, such asExecutable Files.

On theNotificationtab, you can configure how to notify users and administrators when a file screening event occurs, such as sending an email, logging an event, or running a command or script. You can also customize the message that users see when they try to save a blocked file.

ClickOKto create the file screen template.

In the left pane, click onFile Screens.

Right-click onFile Screensand selectCreate File Screen.

In theCreate File Screendialog box, enter the path of the folder that you want to apply the file screening to, such as\SRVl\Data.

Select the optionDerive properties from this file screen template (recommended)and choose the template that you created, such asBlock Executable Files.

ClickCreateto create the file screen.

Now, domain users will not be able to save executable files in the share named \SRVl\Data. They will be able to save other files to the share.

Question 178

Report
Export
Collapse

SIMULATION LAB 2

You need to ensure that the Azure file share named share1 can sync to on-premises servers.

The required source files are located in a folder named \\dc1.contoso.com\install.

You do NOT need to specify the on-premises servers at this time.

A.
See the solution of this Task below
A.
See the solution of this Task below
Answers
Suggested answer: A

Explanation:

One possible solution to ensure that the Azure file share named share1 can sync to on-premises servers is to use Azure File Sync. Azure File Sync allows you to centralize your file shares in Azure Files without giving up the flexibility, performance, and compatibility of an on-premises file server. It does this by transforming your Windows Servers into a quick cache of your Azure file share.You can use any protocol available on Windows Server to access your data locally (including SMB, NFS, and FTPS) and you can have as many caches as you need across the world1.

Here are the steps to configure Azure File Sync for the Azure file share named share1 and the source files located in a folder named \dc1.contoso.com\install:

On the Azure portal, create a Storage Sync Service in the same region as your storage account that contains the Azure file share named share1. For more information on how to create a Storage Sync Service, seeHow to deploy Azure File Sync.

On the on-premises server that hosts the folder named \dc1.contoso.com\install, install the Azure File Sync agent. For more information on how to install the Azure File Sync agent, seeInstall the Azure File Sync agent.

On the on-premises server, register the server with the Storage Sync Service that you created in the first step. For more information on how to register a server with a Storage Sync Service, seeRegister/unregister a server with Storage Sync Service.

On the Azure portal, create a sync group that defines the sync topology for a set of files. In the sync group, select the Azure file share named share1 as the cloud endpoint and the folder named \dc1.contoso.com\install as the server endpoint. For more information on how to create a sync group, seeCreate a sync group and a cloud endpointandCreate a server endpoint.

Wait for the initial sync to complete. You can monitor the sync progress on the Azure portal or on the on-premises server. For more information on how to monitor sync progress, see [Monitor sync progress].

Once the initial sync is complete, you can add more on-premises servers to the same sync group to sync and cache the content locally. You can also enable cloud tiering to optimize the storage space on the on-premises servers by tiering infrequently accessed or older files to Azure Files.

Question 179

Report
Export
Collapse

SIMULATION LAB 3

You need to configure SRV1 as a DNS server. SRV1 must be able resolve names from the contoso.com domain by using DC1. All other names must be resolved by using the root hint servers.

A.
See the solution of this Task below
A.
See the solution of this Task below
Answers
Suggested answer: A

Explanation:

One possible solution to configure SRV1 as a DNS server that can resolve names from the contoso.com domain by using DC1 and all other names by using the root hint servers is to use conditional forwarding. Conditional forwarding allows a DNS server to forward queries for a specific domain name to another DNS server, while using the normal forwarding or root hint servers for other queries. Here are the steps to configure conditional forwarding on SRV1:

On SRV1, openDNS Managerfrom theAdministrative Toolsmenu or by typingdnsmgmt.mscin the Run box.

In the left pane, right-click onConditional Forwardersand selectNew Conditional Forwarder.

In theNew Conditional Forwarderdialog box, entercontoso.comas theDNS Domainname.

In theIP addresses of the master serversbox, enter the IP address of DC1, which is the DNS server for the contoso.com domain. You can also click onResolveto verify the name resolution of DC1.

Optionally, you can check the boxStore this conditional forwarder in Active Directory, and replicate it as followsif you want to store and replicate the conditional forwarder in AD DS. You can also select the replication scope from the drop-down list.

ClickOKto create the conditional forwarder.

Now, SRV1 will forward any queries for the contoso.com domain to DC1, and use the root hint servers for any other queries. You can test the name resolution by using thenslookupcommand on SRV1 or another computer that uses SRV1 as its DNS server. For example, you can run the following commands:

nslookup www.contoso.com

nslookup www.microsoft.com

The first command should return the IP address of www.contoso.com from DC1, and the second command should return the IP address of www.microsoft.com from a root hint server.

Question 180

Report
Export
Collapse

SIMULATION LAB 4

You need to register SRV1 to sync Azure file shares The registration must use the 34646045 Storage Sync Service.

The required source files are located in a folder named \\dc1.contoso.com\install.

You do NOT need to configure file share synchronization at this time and you do NOT need to update the agent.

A.
See the solution of this Task below
A.
See the solution of this Task below
Answers
Suggested answer: A

Explanation:

One possible solution to register SRV1 to sync Azure file shares using the 34646045 Storage Sync Service is to use the Register-AzStorageSyncServer cmdlet from the Az.StorageSync module. This cmdlet establishes a trust relationship between the server and the Storage Sync Service, which is required for creating server endpoints and syncing files. Here are the steps to register SRV1 using the cmdlet:

On SRV1, open PowerShell as an administrator and run the following command to install the Az.StorageSync module if it is not already installed:

Install-Module -Name Az.StorageSync

Run the following command to import the Az.StorageSync module:

Import-Module -Name Az.StorageSync

Run the following command to sign in to your Azure account and select the subscription that contains the 34646045 Storage Sync Service:

Connect-AzAccount

Select-AzSubscription -SubscriptionId <your-subscription-id>

Run the following command to register SRV1 with the 34646045 Storage Sync Service. You need to specify the resource group name and the Storage Sync Service name as parameters:

Register-AzStorageSyncServer -ResourceGroupName <your-resource-group-name> -StorageSyncServiceName 34646045

Wait for the registration to complete. You can verify the registration status by checking the Registered servers tab on the Azure portal or by running the following command:

Get-AzStorageSyncServer -ResourceGroupName <your-resource-group-name> -StorageSyncServiceName 34646045

Now, SRV1 is registered with the 34646045 Storage Sync Service and ready to sync Azure file shares. You can create server endpoints on SRV1 and cloud endpoints on the Azure file shares to define the sync topology.

Total 229 questions
Go to page: of 23
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms