Skip Navigation Links
 

Microsoft - AZ-800: Administering Windows Server Hybrid Core Infrastructure

Sample Questions

Question: 121
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)
Note: This questions is based on a case study. The case study is not shown in this demo.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AAdmin1 must use a password that has at least 14 characters: Yes
User1 must use a password that has at least 10 characters: Yes
If Admin1 creates a new local user on Server1, the password ... at least eight characters: Yes
B Admin1 must use a password that has at least 14 characters: Yes
User1 must use a password that has at least 10 characters: Yes
If Admin1 creates a new local user on Server1, the password ... at least eight characters: No
C Admin1 must use a password that has at least 14 characters: No
User1 must use a password that has at least 10 characters: Yes
If Admin1 creates a new local user on Server1, the password ... at least eight characters: No
D Admin1 must use a password that has at least 14 characters: Yes
User1 must use a password that has at least 10 characters: No
If Admin1 creates a new local user on Server1, the password ... at least eight characters: Yes
E Admin1 must use a password that has at least 14 characters: No
User1 must use a password that has at least 10 characters: Yes
If Admin1 creates a new local user on Server1, the password ... at least eight characters: Yes
F Admin1 must use a password that has at least 14 characters: No
User1 must use a password that has at least 10 characters: No
If Admin1 creates a new local user on Server1, the password ... at least eight characters: No

Correct answer: E

Explanation:

Admin1 is a domain user. Unless a password settings object (PSO) is associated with Admin1, the domain's password policy, which is configured in the Default Domain Policy, applies. The domain password policy requires a minimum password length of 10 characters.

User1 is a domain user. Unless a password settings object (PSO) is associated with User1, the domain's password policy, which is configured in the Default Domain Policy, applies. The domain password policy requires a minimum password length of 10 characters.

Server1 is in the Member Servers OU. Local user accounts on Server1 are subject to the local password policy. GPO2 is linked to the Member Servers OU and configures Server2's local password policy. The password policy configured in GPO2 requires a minimum password length of 8 characters.



Question: 122
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)

Your network contains three Active Directory Domain Services (AD DS) forests as shown in the following exhibit.



The network contains the users shown in the following table.



The network contains the security groups shown in the following table.



For each of the following statements, select Yes if the statement is true, Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AYou can add User1 to Group1: Yes
You can add User2 to Group3: Yes
You can grant Group2 permissions to the resources in the fabrikam.com domain: Yes
B You can add User1 to Group1: Yes
You can add User2 to Group3: Yes
You can grant Group2 permissions to the resources in the fabrikam.com domain: No
C You can add User1 to Group1: Yes
You can add User2 to Group3: No
You can grant Group2 permissions to the resources in the fabrikam.com domain: Yes
D You can add User1 to Group1: No
You can add User2 to Group3: Yes
You can grant Group2 permissions to the resources in the fabrikam.com domain: No
E You can add User1 to Group1: No
You can add User2 to Group3: No
You can grant Group2 permissions to the resources in the fabrikam.com domain: Yes
F You can add User1 to Group1: No
You can add User2 to Group3: No
You can grant Group2 permissions to the resources in the fabrikam.com domain: No

Correct answer: C

Explanation:

Groups are characterized by a scope that identifies the extent to which the group is applied in the domain tree or forest. The scope of the group defines where the group can be granted permissions. The following three group scopes are defined by Active Directory:

  • Universal

  • Global

  • Domain Local

The following table lists the three group scopes and more information about each scope for a security group.

Reference: Active Directory security groups



Question: 123
Measured Skill: Manage virtual machines and containers (15-20%)

You create an Azure virtual machine named Server1 that runs Windows Server. Server1 has the disk configuration shown in the following exhibit.



Server1 is currently running.

You need to add an additional Volume to store user data to Server1.

Which three actions should perform in sequence?

(To answer, move the appropriate actions from the list of action of the answer area and arrange them in the correct order.)

www.cert2brain.com

ASequence: 1, 3, 2
B Sequence: 6, 5, 1
C Sequence: 3, 6, 5
D Sequence: 3, 6, 4

Correct answer: D

Explanation:

The exhibit shows that Server1 only has an operating system disk and the mandatory temporary storage. To create a new volume, we first need to add a new disk to Server1 and initialize it. We can then create the new volume and assign a drive letter to the volume.

Attaching a new disk to a virtual machine in Azure does not matter whether the machine is started or stopped.



Question: 124
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)

Your network contains a two-domain on-premises Active Directory Domain Services (AD DS) forest named contoso.com. The forest contains the domain controllers shown in the following table.



You create an Active Directory site named Site3. Site1, Site2 and Site3 each has a dedicated site link to the Hub site.

In Site3, you install a new server named Server1.

You need to promote Server1 to an RODC in child.contoso.com by using the install from Media (IFM) option. The solution must minimize network traffic.

What should you do?

(To answer select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AServer to use to create the IFM source: DC1
Tool to use to create the IFM source: Dcdiag.exe
B Server to use to create the IFM source: DC1
Tool to use to create the IFM source: Azure Backup
C Server to use to create the IFM source: DC2
Tool to use to create the IFM source: Ntdsutil.exe
D Server to use to create the IFM source: Server1
Tool to use to create the IFM source: Windows Server Backup
E Server to use to create the IFM source: RODC3
Tool to use to create the IFM source: Dcdiag.exe
F Server to use to create the IFM source: RODC3
Tool to use to create the IFM source: Repadmin.exe

Correct answer: C

Explanation:

You can create an additional domain controller in a domain by installing Active Directory Domain Services (AD DS) on a server computer. When you are placing the additional domain controller in a remote site, you can install AD DS on the server either before or after you ship it to the remote site, as follows:

  • Ship the computer as a workgroup computer, and install AD DS on it in the remote site. If you do not have administrative support in the remote site, enable Remote Desktop on the computer before you ship the computer so that you can perform the installation remotely. In the remote site, you can either:
    • Install AD DS from installation media that has been shipped to the site on removable media.
    • Install AD DS over the network.
  • Install AD DS on the server in a hub or staging site, and then ship the installed domain controller to the remote site.

What tool is used to create media (IFM) for an additional domain controller?

Windows Server 2008 and higher include an improved version of the Ntdsutil tool that you can use to create installation media for an additional domain controller. You can use Ntdsutil.exe to create installation media for additional domain controllers that you are creating in a domain. The IFM method uses the data in the installation media to install AD DS, which eliminates the need to replicate every object from a partner domain controller.

Note: Objects that were modified, added, or deleted since the installation media was created must be replicated. If the installation media was created recently, the amount of replication that is required is considerably less than the amount of replication that is required for a regular AD DS installation.

IFM has the following requirements

  • You cannot use IFM to create the first domain controller in a domain. A Windows Server 2008–based domain controller must be running in the domain before you can perform IFM installations.
  • The media that you use to create additional domain controllers must be taken from a domain controller in the same domain as the domain of the new domain controller.
  • If the domain controller that you are creating is to be a global catalog server, the media for the installation must be created on an existing global catalog server in the domain.
  • To install a domain controller that is a Domain Name System (DNS) server, you must create the installation media on a domain controller that is a DNS server in the domain.
  • To create installation media for a full (writable) domain controller, you must run the ntdsutil ifm command on a writable domain controller that is running Windows Server 2008 or Windows Server 2008 R2.
  • To create installation media for a read-only domain controller (RODC), you can run the ntdsutil ifm command on either a writable domain controller or an RODC that runs Windows Server 2008 or Windows Server 2008 R2. For RODC installation media, Ntdsutil removes any cached secrets, such as passwords
  • You can use a 32-bit domain controller to generate installation media for a 64-bit domain controller; the reverse is also true. The ability to mix processor types for IFM installations is new in Windows Server 2008 and Windows Server 2008 R2.
  • The IFM process creates a temp database in the %TMP% folder. You need at least 110% of the size of the AD DS or AD LDS database free on the drive where the %TMP% folder is in order for the operation to succeed. You can redirect the %TMP% folder to another disk on the server in order to use more space.

Reference: Active Directory: Step-by-Step Guide to Install an Additional Domain Controller Using IFM



Question: 125
Measured Skill: Manage storage and file services (15-20%)

You have a server named Server1 that runs Windows Server. Server1 has a just-a-bunch-of-disks (JBOD) enclosure attached.

You plan to create a storage pool on Server1 and a virtual disk that will use a mirror layout.

You are considering whether to use a two-way or a three-way mirror layout.

What is the minimum number of disks required for each type of mirror layout?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ATwo-way mirror: 2
Three-way mirror: 3
B Two-way mirror: 3
Three-way mirror: 3
C Two-way mirror: 3
Three-way mirror: 5
D Two-way mirror: 2
Three-way mirror: 5
E Two-way mirror: 3
Three-way mirror: 5
F Two-way mirror: 4
Three-way mirror: 6

Correct answer: D

Explanation:

From a storage pool, you can create one or more virtual disks. These virtual disks are also referred to as storage spaces. A storage space appears to the Windows operating system as a regular disk from which you can create formatted volumes. When you create a virtual disk through the File and Storage Services user interface, you can configure the resiliency type (simple, mirror, or parity), the provisioning type (thin or fixed), and the size. Through Windows PowerShell, you can set additional parameters such as the number of columns, the interleave value, and which physical disks in the pool to use.

From a virtual disk, you can create one or more volumes. When you create a volume, you can configure the size, drive letter or folder, file system (NTFS file system or Resilient File System (ReFS)), allocation unit size, and an optional volume label.

A mirror layout stores two or three copies of the data across the set of physical disks and requires at least two physical disks to protect from single disk failure (two-way mirror) and at least five physical disks to protect from two simultaneous disk failures (three-way mirror).

Reference: Deploy Storage Spaces on a stand-alone server





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2022 by cert2brain.com