ExamGecko
Search Search Login
Home Home / Microsoft / AZ-801

Microsoft AZ-801 Practice Test - Questions Answers, Page 4

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

HOTSPOT You have an Azure Active Directory Domain Services (Azure AD DS) domain named aadds.contoso.com. You have an Azure virtual network named Vnet1. Vnet1 contains two virtual machines named VM1 and VM2 that run Windows Server. VMI and VM2 are joined to aadds.contoso.com. You create a new Azure virtual network named Vnet2. You add a new server named VM3 to Vnet2. When you attempt to join VM3 to aadds.contoso.com, you get an error message that the domain cannot be found. You need to ensure that you can join VM3 toaadds.contoso.com.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a failover cluster named Cluster1 that hosts an application named App1. The General tab in App1 Properties is shown in the General exhibit. (Click the General tab.) The Failover tab in App1 Properties is shown in the Failover exhibit. (Click the Failover tab.) Server1 shuts down unexpectedly. You need to ensure that when you start Server1, App1 continues to run on Server2. Solution: From the Failover settings, you select Prevent failback. Does this meet the goal?
HOTSPOT You have an on-premises Active Directory Domain Services (AD DS) domain that contains the resources shown in the following table. The domain contains the domain controllers shown in the following table. You configure a site link between Site1 and Site2 and set the replication interval to 20 minutes. At 10:00 AM, connectivity between Site1 and Site2 fails. Administrators perform the actions shown in the following table. At 10:30 AM, connectivity between Site1 and Site2 is restored. For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth dim point
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains a single-domain Active Directory Domain Services (AD DS) forest named contoso.com. The functional level of the forest is Windows Server 2012 R2. All domain controllers run Windows Server 2012 R2. Sysvol replicates by using the File Replication Service (FRS). You plan to replace the existing domain controllers with new domain controllers that will run Windows Server 2022. You need to ensure that you can add the first domain controller that runs Windows Server 2022. Solution: You migrate sysvol from FRS to Distributed File System (DFS) Replication. Does this meet the goal?
You have a failover cluster named Cluster1 that has the following configurations: Number of nodes: 6 Quorum: Dynamic quorum Witness: File share, Dynamic witness What is the maximum number of nodes that can fail simultaneously while maintaining quorum?
Your on-premises network contains two subnets. The subnets contain servers that run Windows Server as shown in the following table. Server4 has the following IP configurations: Ethernet adapter Ethernet: Connection-specific DNS Suffix . . : IPv4 Address . . . . . . . . . . . : 192.168.0.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 From Server4, you can ping Server1 and Server2 successfully. When you ping Server3, you get a Request timed out response. From Server2, you can ping Server1 and Server3 successfully. The misconfiguration of which component on Server3 can cause the Request timed out response?
DRAG DROP You manage 200 physical servers that run Windows Server. You plan to migrate the servers to Azure. You need to prepare for discovery of the servers by using Azure Migrate. Which three actions should you perform in sequence on a physical server? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You have five Azure virtual machines. You need to collect performance data and Windows Event logs from the virtual machines. The data collected must be sent to an Azure Storage account. What should you install on the virtual machines?
HOTSPOT Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the organizational units (OUs) shown in the following table. In the domain, you create the Group Policy Objects (GPOs) shown in the following table. You need to implement IPsec authentication to ensure that only authenticated computer accounts can connect to the members in the domain. The solution must minimize administrative effort. Which GPOs should you apply to the Domain Controllers OU and the Domain Servers OU? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server. The subscription contains the storage accounts shown in the following table. You plan to enable boot diagnostics for VM1. You need to configure storage for the boot diagnostics logs and snapshots. Which storage account should you use?

Question 31

Report
Export
Collapse

You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server and uses Azure Disk Encryption.

You need to identify which Azure key vault stores the encryption keys for VM1. The solution must minimize administrative effort.

Which PowerShell cmdlet should you run?

A.

Get-AzKeyVaultKey

A.

Get-AzKeyVaultKey

Answers
B.

Get-AiKeyVault

B.

Get-AiKeyVault

Answers
C.

Get-AzVMDiskEncryptionStatus

C.

Get-AzVMDiskEncryptionStatus

Answers
D.

Get-AzDiskEncryptionSet

D.

Get-AzDiskEncryptionSet

Answers
Suggested answer: C

Question 32

Report
Export
Collapse

You deploy Azure Migrate to an on-premises network.

You have an on-premises physical server named Server! that runs Windows Server and has the following configurations:

* Operating system disk; 600 GB

* Data disk: 3 TB

* NIC Teaming: Enabled

* Mobility service: Installed

* Windows Defender Firewall: Enabled

* Microsoft Defender Antivirus: Enabled

You need to ensure that you can use Azure Migrate to migrate Server1.

Solution: You disable Windows Defender Firewall on Server 1.

Does this meet the goal?

A.

Yes

A.

Yes

Answers
B.

No

B.

No

Answers
Suggested answer: B

Question 33

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From Virus & threat protection, you configure Controlled folder access.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

Question 34

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From Virus & threat protection, you configure Tamper Protection.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

Question 35

Report
Export
Collapse

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From App & browser control, you configure the Exploit protection settings.

Does this meet the goal?

A.
Yes
A.
Yes
Answers
B.
No
B.
No
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlledfolders?view=o365-worldwide

Question 36

Report
Export
Collapse

You have an Azure virtual machine named VM1 that runs Windows Server.

You plan to deploy a new line-of-business (LOB) application to VM1.

You need to ensure that the application can create child processes.

What should you configure on VM1?

A.
Microsoft Defender Credential Guard
A.
Microsoft Defender Credential Guard
Answers
B.
Microsoft Defender Application Control
B.
Microsoft Defender Application Control
Answers
C.
Microsoft Defender SmartScreen
C.
Microsoft Defender SmartScreen
Answers
D.
Exploit protection
D.
Exploit protection
Answers
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-exploitprotection?view=o365-worldwide

Question 37

Report
Export
Collapse

You have 100 Azure virtual machines that run Windows Server. The virtual machines are onboarded to Microsoft Defender for Cloud. You need to shut down a virtual machine automatically if Microsoft Defender for Cloud generates the "Antimalware disabled in the virtual machine" alert for the virtual machine. What should you use in Microsoft Defender for Cloud?

A.
a logic app
A.
a logic app
Answers
B.
a workbook
B.
a workbook
Answers
C.
a security policy
C.
a security policy
Answers
D.
adaptive network hardening
D.
adaptive network hardening
Answers
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts

Question 38

Report
Export
Collapse

You have a Microsoft Sentinel deployment and 100 Azure Arc-enabled on-premises servers. All the Azure Arc-enabled resources are in the same resource group. You need to onboard the servers to Microsoft Sentinel. The solution must minimize administrative effort. What should you use to onboard the servers to Microsoft Sentinel?

A.
Azure Automation
A.
Azure Automation
Answers
B.
Azure Policy
B.
Azure Policy
Answers
C.
Azure virtual machine extensions
C.
Azure virtual machine extensions
Answers
D.
Microsoft Defender for Cloud
D.
Microsoft Defender for Cloud
Answers
Suggested answer: B

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/hybrid/server/bestpractices/arc-policies-mma

Question 39

Report
Export
Collapse

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant by using password hash synchronization. You have a Microsoft 365 subscription.

All devices are hybrid Azure AD-joined.

Users report that they must enter their password manually when accessing Microsoft 365 applications. You need to reduce the number of times the users are prompted for their password when they access Microsoft 365 and Azure services. What should you do?

A.
In Azure AD. configure a Conditional Access policy for the Microsoft Office 365 applications.
A.
In Azure AD. configure a Conditional Access policy for the Microsoft Office 365 applications.
Answers
B.
In the DNS zone of the AD DS domain, create an autodiscover record.
B.
In the DNS zone of the AD DS domain, create an autodiscover record.
Answers
C.
From Azure AD Connect, enable single sign-on (SSO).
C.
From Azure AD Connect, enable single sign-on (SSO).
Answers
D.
From Azure AD Connect, configure pass-through authentication.
D.
From Azure AD Connect, configure pass-through authentication.
Answers
Suggested answer: C

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

Question 40

Report
Export
Collapse

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

You have 50 Azure virtual machines that run Windows Server.

You need to ensure that any security exploits detected on the virtual machines are forwarded to Defender for Cloud. Which extension should you enable on the virtual machines?

A.
Vulnerability assessment for machines
A.
Vulnerability assessment for machines
Answers
B.
Microsoft Dependency agent
B.
Microsoft Dependency agent
Answers
C.
Log Analytics agent for Azure VMs
C.
Log Analytics agent for Azure VMs
Answers
D.
Guest Configuration agent
D.
Guest Configuration agent
Answers
Suggested answer: A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-vm

Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms