ExamGecko
Login
Home / Microsoft / AZ-801 / List of questions
Ask Question

Microsoft AZ-801 Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Report Export Collapse

You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server and uses Azure Disk Encryption.

You need to identify which Azure key vault stores the encryption keys for VM1. The solution must minimize administrative effort.

Which PowerShell cmdlet should you run?

Get-AzKeyVaultKey

Get-AzKeyVaultKey

Get-AiKeyVault

Get-AiKeyVault

Get-AzVMDiskEncryptionStatus

Get-AzVMDiskEncryptionStatus

Get-AzDiskEncryptionSet

Get-AzDiskEncryptionSet

Suggested answer: C
asked 16/10/2024
Allen J Tyson
36 questions

Question 32

Report Export Collapse

You deploy Azure Migrate to an on-premises network.

You have an on-premises physical server named Server! that runs Windows Server and has the following configurations:

* Operating system disk; 600 GB

* Data disk: 3 TB

* NIC Teaming: Enabled

* Mobility service: Installed

* Windows Defender Firewall: Enabled

* Microsoft Defender Antivirus: Enabled

You need to ensure that you can use Azure Migrate to migrate Server1.

Solution: You disable Windows Defender Firewall on Server 1.

Does this meet the goal?

Yes

Yes

No

No

Suggested answer: B
asked 16/10/2024
Ricardo Andres
35 questions

Question 33

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From Virus & threat protection, you configure Controlled folder access.

Does this meet the goal?

Yes
Yes
No
No
Suggested answer: A
Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

asked 02/10/2024
Victor Ogbonna
39 questions

Question 34

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From Virus & threat protection, you configure Tamper Protection.

Does this meet the goal?

Yes
Yes
No
No
Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

asked 02/10/2024
Elizaveta Kutuzova
58 questions

Question 35

Report Export Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From App & browser control, you configure the Exploit protection settings.

Does this meet the goal?

Yes
Yes
No
No
Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

asked 02/10/2024
Sari Bukhari
37 questions

Question 36

Report Export Collapse

You have an Azure virtual machine named VM1 that runs Windows Server.

You plan to deploy a new line-of-business (LOB) application to VM1.

You need to ensure that the application can create child processes.

What should you configure on VM1?

Microsoft Defender Credential Guard
Microsoft Defender Credential Guard
Microsoft Defender Application Control
Microsoft Defender Application Control
Microsoft Defender SmartScreen
Microsoft Defender SmartScreen
Exploit protection
Exploit protection
Suggested answer: A
Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-exploitprotection?view=o365-worldwide

asked 02/10/2024
Mike van den Berg
41 questions

Question 37

Report Export Collapse

You have 100 Azure virtual machines that run Windows Server. The virtual machines are onboarded to Microsoft Defender for Cloud. You need to shut down a virtual machine automatically if Microsoft Defender for Cloud generates the "Antimalware disabled in the virtual machine" alert for the virtual machine. What should you use in Microsoft Defender for Cloud?

a logic app
a logic app
a workbook
a workbook
a security policy
a security policy
adaptive network hardening
adaptive network hardening
Suggested answer: A
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts

asked 02/10/2024
Rakesh Sharma
44 questions

Question 38

Report Export Collapse

You have a Microsoft Sentinel deployment and 100 Azure Arc-enabled on-premises servers. All the Azure Arc-enabled resources are in the same resource group. You need to onboard the servers to Microsoft Sentinel. The solution must minimize administrative effort. What should you use to onboard the servers to Microsoft Sentinel?

Azure Automation
Azure Automation
Azure Policy
Azure Policy
Azure virtual machine extensions
Azure virtual machine extensions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
Suggested answer: B
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/hybrid/server/bestpractices/arc-policies-mma

asked 02/10/2024
jonathan siu
46 questions

Question 39

Report Export Collapse

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant by using password hash synchronization. You have a Microsoft 365 subscription.

All devices are hybrid Azure AD-joined.

Users report that they must enter their password manually when accessing Microsoft 365 applications. You need to reduce the number of times the users are prompted for their password when they access Microsoft 365 and Azure services. What should you do?

In Azure AD. configure a Conditional Access policy for the Microsoft Office 365 applications.
In Azure AD. configure a Conditional Access policy for the Microsoft Office 365 applications.
In the DNS zone of the AD DS domain, create an autodiscover record.
In the DNS zone of the AD DS domain, create an autodiscover record.
From Azure AD Connect, enable single sign-on (SSO).
From Azure AD Connect, enable single sign-on (SSO).
From Azure AD Connect, configure pass-through authentication.
From Azure AD Connect, configure pass-through authentication.
Suggested answer: C
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

asked 02/10/2024
Rodolfo Ponce
43 questions

Question 40

Report Export Collapse

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

You have 50 Azure virtual machines that run Windows Server.

You need to ensure that any security exploits detected on the virtual machines are forwarded to Defender for Cloud. Which extension should you enable on the virtual machines?

Vulnerability assessment for machines
Vulnerability assessment for machines
Microsoft Dependency agent
Microsoft Dependency agent
Log Analytics agent for Azure VMs
Log Analytics agent for Azure VMs
Guest Configuration agent
Guest Configuration agent
Suggested answer: A
Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-vm

asked 02/10/2024
Aviv Beck
46 questions
Total 157 questions
Go to page: of 16
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

DRAG DROP You manage 200 physical servers that run Windows Server. You plan to migrate the servers to Azure. You need to prepare for discovery of the servers by using Azure Migrate. Which three actions should you perform in sequence on a physical server? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
HOTSPOT You have an Azure Active Directory Domain Services (Azure AD DS) domain named aadds.contoso.com. You have an Azure virtual network named Vnet1. Vnet1 contains two virtual machines named VM1 and VM2 that run Windows Server. VMI and VM2 are joined to aadds.contoso.com. You create a new Azure virtual network named Vnet2. You add a new server named VM3 to Vnet2. When you attempt to join VM3 to aadds.contoso.com, you get an error message that the domain cannot be found. You need to ensure that you can join VM3 toaadds.contoso.com.
You have two Azure Virtual machines that run Windows Server. You plan to create a failover cluster that will host the virtual machines. You need to configure an Azure Storage account that will be used by the cluster as a cloud witness. The solution must maximize resiliency. Which type of redundancy should you configure for the storage account?
You have three servers named Server 1. Servers and Server3 that run Windows Server. The servers have the Hyper-V server rote installed and are configured in a Storage Spaces Deed cluster named Cluster1. Cluster1 hosts a virtual machine named VM1 that has Windows Admin Center Installed. You manage all servers and clusters by using Windows Admin Center. You purchase an Azure subscription. You need to configure email alerts in Azure Monitor for the following: • Disk Capacity Utilization Over 80% for 10 Minutes • Any critical alert in the cluster system event log • Memory Utilization over 95% for 10 minutes • Heartbeat fewer than 5 beats for 5 Minutes. • CPU Utilization over 85 % for 10 Minutes. • Any hearth service faults for the cluster The solution must use the minimum amount of administrative effort. What should you do?
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server. The subscription contains the storage accounts shown in the following table. You plan to enable boot diagnostics for VM1. You need to configure storage for the boot diagnostics logs and snapshots. Which storage account should you use?
You have a Site-to-Site VPN between an on-premises network and an Azure VPN gateway. BGP is disabled for the Site-to-Site VPN. You have an Azure virtual network named Vnet1 that contains a subnet named Subnet1. Subnet1 contains a virtual machine named Server1. You can connect to Server1 from the on-premises network. You extend the address space of Vnet1. You add a subnet named Subnet2 to Vnet1. Subnet2 uses the extended address space. You deploy an Azure virtual machine named Server2 to Subnet2. You cannot connect to Server2 from the on-premises network. Server1 can connect to Server2. You need to ensure that you can connect to Subnet2 from the on-premises network. What should you do?
Your on-premises network contains two subnets. The subnets contain servers that run Windows Server as shown in the following table. Server4 has the following IP configurations: Ethernet adapter Ethernet: Connection-specific DNS Suffix . . : IPv4 Address . . . . . . . . . . . : 192.168.0.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 From Server4, you can ping Server1 and Server2 successfully. When you ping Server3, you get a Request timed out response. From Server2, you can ping Server1 and Server3 successfully. The misconfiguration of which component on Server3 can cause the Request timed out response?
You have a Storage Spaces Direct configuration that has persistent memory and contains the data volumes shown in the following table. You plan to add data volumes to Storage Spaces Direct as shown in the following table. On which volumes can you use direct access (DAX)?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a failover cluster named Cluster1 that hosts an application named App1. The General tab in App1 Properties is shown in the General exhibit. (Click the General tab.) The Failover tab in App1 Properties is shown in the Failover exhibit. (Click the Failover tab.) Server1 shuts down unexpectedly. You need to ensure that when you start Server1, App1 continues to run on Server2. Solution: From the Failover settings, you select Prevent failback. Does this meet the goal?
HOTSPOT You have an on-premises Active Directory Domain Services (AD DS) domain that contains the resources shown in the following table. The domain contains the domain controllers shown in the following table. You configure a site link between Site1 and Site2 and set the replication interval to 20 minutes. At 10:00 AM, connectivity between Site1 and Site2 fails. Administrators perform the actions shown in the following table. At 10:30 AM, connectivity between Site1 and Site2 is restored. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth dim point