Skip Navigation Links
 

Microsoft - AZ-800: Administering Windows Server Hybrid Core Infrastructure

Sample Questions

Question: 134
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that the minimum password length for members of the BranchAdmins group is 12 characters. The solution must affect only the BranchAdmins group.

To complete this task, sign in to the required computer or computers.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We need to create and configure a password settings object (PSO), also called fine-grained password policy, and assign the PSO to the BranchAdmins group.

Step 01: Sign in to the domain controller using the given credentials and start the Active Directory Administrative Center from Server Manager or by typing dsac.exe in the search box.

Step 02: Switch the navigation to "Tree view" an dopen the System container. Then right-click the "Password Settings Container" choose "New" and then "Password Settings".

Step 03: Enter a name and a precedence for the new PSO and set the minimum password length to 12 characters. Then click the "Add" button in the "Directly Applies To" section and search for the BranchAdmins group. Click "OK".

Step 04: The configuration has been finished. Click "OK" to create the PSO and to finish the task.

Reference: Fine-Grained Password Policy step-by-step



Question: 135
Measured Skill: Manage virtual machines and containers (15-20%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to enable nested virtualization for a virtual machine named VM1 on SRV-1.

To complete this task, sign in to the required computer or computers.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We need to enable nested virtualization for VM1 and we should enable MAC address spoofing for VM1 to support networking for the nested virtual machine. Both steps are done by running PowerShell cmldets on SRV-1.

Step 01: Sign in to SRV-1 using the given credentials and start Windows PowerShell in Admin mode.

Step 02: Run "Get-VM" to check the status of VM1. If VM1 is running, shut VM1 down by running "Stop-VM VM1" and make sure, VM1 is switched off.

Step 03: First, run Set-VMProcessor -VMName VM1 -ExposeVirtualizationExtensions $true to enable nested virtualization for VM1. Second, run Get-VMNetworkAdapter -VMName VM1 | Set-VMNetworkAdapter -MacAddressSpoofing On to enable networking support for VM1.

Step 04: As an optional step, you could run the following cmdlets to verify your configurations applied successfully.

Reference: Run Hyper-V in a Virtual Machine with Nested Virtualization



Question: 136
Measured Skill: Manage virtual machines and containers (15-20%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

SRV-1 contains a virtual machine named VM1.

You need attach c:\vhds\Disk1.vhdx to VM1. The solution must ensure that Disk1 can be expanded dynamically when VM1 runs.

To complete this task, sign in to the required computer or computers.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

The task does not indicate whether Disk1.vhdx already exists. However, if Disk1.vhdx already existed, we would not be able to control the disk type, which needs to be set to dynamically expandable. So we will first create the disk and then attach it to SRV-1.

Step 01: Sign in to SRV-1 using the given credentials and start Hyper-V Manager. Select VM1 and click "Settings".

Step 02: Select the SCSI controller of the virtual machine and make sure "Hard Drive" is selected. Then click "Add".

Step 03: We could click "Browse" to check if Disk1 already exists and then attach the disk. But, we will create a new disk. Click "New".

Step 04: Click "Next".

Step 05: Make sure, the disk type is set to "Dynamically expanding". Then click "Next".

Step 06: Enter "Disk1.vhdx" as the name for the new disk and choose "c:\vhds\" as the storage location. Then click "Next".

Step 07: Click "Next".

Step 08: Click "Finish".

Step 09: Click "OK" to apply your configuration and to finish the task.



Question: 137
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)

Note: This is a lab or performance-based testing (PBT) question. To answer, you will perform a set of tasks in a live environment. Some functionality (e.g. copy and paste) will not be possible by design. The right mouse button may not be able to be used. Scoring is based on the outcome of performing the tasks stated in the lab. It doesn't matter how you accomplish the goal.

You need to ensure that DC-2 is the schema master for contoso.com.

To complete this task, sign in to the required computer or computers.

(This question has to be solved in a lab environment. Click on Solution to see a valid example solution. Answer "True" if you can solve the problem, otherwise select "False".)

ATrue
B False

Correct answer: A

Solution:

We can transfer the schema master operations master role from DC-1 to DC-2 by using ntdsutil.exe or the Active Directory Schema snap-in on DC-1. If the current role holder is not available, we can seize the schema master role using ntdsutil.exe on DC-2. This solution uses the Active Directory Schema snap-in on DC-1 to transfer the role to DC-2.

Step 01: Sign in to DC-1 by using the given credentials. By default the required Schema snap-in is not registered and hence not available to us. To register the snap-in, open a command prompt with administrative privileges and run regsvr32 schmmgmt.dll.

Step 02: Start mmc.exe. On the File, menu, click "Add or Remove Snap-ins" and add the Active Directory Schema snap-in.

Step 03: Right-click the "Active Directory Schema" node and choose "Change Active Directory Domain Controller...". Change the focus to DC-2.

Step 04: Right-click the "Active Directory Schema" node and choose "Operations Master...".

Step 05: Click on "Change".

Step 06: Click on "Yes".

Step 07: The schema master was transferred successfully. Click "OK".

Step 08: Click "Close" to complete the task.

Reference: How to view and transfer FSMO roles



Question: 138
Measured Skill: Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30-35%)

Your network contains an Azure Active Directory Domain Services (Azure AD DS) domain named contoso.com.

You need to configure a password policy for the local user accounts on the Azure virtual machines joined to contoso.com.

What should you do?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ASign in by using a user account that is a member of the: AAD DC Administrators group
Use a Group Policy Object (GPO) linked to the: Computers container
B Sign in by using a user account that is a member of the: AAD DC Administrators group
Use a Group Policy Object (GPO) linked to the: AADDC Computers organizational unit (OU)
C Sign in by using a user account that is a member of the: Administrators group
Use a Group Policy Object (GPO) linked to the: AADDC Users organizational unit (OU)
D Sign in by using a user account that is a member of the: Administrators group
Use a Group Policy Object (GPO) linked to the: Computers container
E Sign in by using a user account that is a member of the: Domain Admins group
Use a Group Policy Object (GPO) linked to the: AADDC Computers organizational unit (OU)
F Sign in by using a user account that is a member of the: Domain Admins group
Use a Group Policy Object (GPO) linked to the: AADDC Users organizational unit (OU)

Correct answer: B

Explanation:

We need to create a Group Policy Object (GPO) in the Azure Active Directory Domain Services (Azure AD DS) domain, configure the GPO's password policy, and link the GPO to the organizational unit (OU) that contains the domain's computer accounts.

To administer group policy in a managed domain, you must be signed in to a user account that's a member of the AAD DC Administrators group.

There are two built-in Group Policy Objects (GPOs) in a managed domain - one for the AADDC Computers OU, and one for the AADDC Users OU. You can customize these GPOs to configure group policy as needed within your managed domain. By default, the AADDC Computers OU contains all the computer accounts of the member computers.

References:

What is Azure Active Directory Domain Services?

Administer Group Policy in an Azure Active Directory Domain Services managed domain





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2023 by cert2brain.com