Skip Navigation Links
 

Microsoft - AZ-801: Configuring Windows Server Hybrid Advanced Services

Sample Questions

Question: 144
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.

You have an on-premises server named Server1 that runs Windows Server and you have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You onboard Server1 to Microsoft Defender for Endpoint.

Does this meet the goal?

AYes
B No

Correct answer: B

Explanation:

Microsoft Sentinel uses an Azure Log Analytics workspace for data collection and storage. We have to install the Log Analytics agent, also referred to as Microsoft Monitoring Agent (MMA), on Server1 and configure the agent to report to the Log Analaytics workspace used by Microsoft Sentinel.

Use the Log Analytics agent if you need to:

  • Collect logs and performance data from Azure virtual machines or hybrid machines hosted outside of Azure.
  • Send data to a Log Analytics workspace to take advantage of features supported by Azure Monitor Logs, such as log queries.
  • Use VM insights, which allows you to monitor your machines at scale and monitor their processes and dependencies on other resources and external processes.
  • Manage the security of your machines by using Microsoft Defender for Cloud or Microsoft Sentinel.
  • Use Azure Automation Update Management, Azure Automation State Configuration, or Azure Automation Change Tracking and Inventory to deliver comprehensive management of your Azure and non-Azure machines.
  • Use different solutions to monitor a particular service or application.

References:

Microsoft Sentinel data connectors

Log Analytics agent overview



Question: 145
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.

You have an on-premises server named Server1 that runs Windows Server and you have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You install the Microsoft Integration Runtime on Server1.

Does this meet the goal?

AYes
B No

Correct answer: B

Explanation:

Microsoft Sentinel uses an Azure Log Analytics workspace for data collection and storage. We have to install the Log Analytics agent, also referred to as Microsoft Monitoring Agent (MMA), on Server1 and configure the agent to report to the Log Analaytics workspace used by Microsoft Sentinel.

Use the Log Analytics agent if you need to:

  • Collect logs and performance data from Azure virtual machines or hybrid machines hosted outside of Azure.
  • Send data to a Log Analytics workspace to take advantage of features supported by Azure Monitor Logs, such as log queries.
  • Use VM insights, which allows you to monitor your machines at scale and monitor their processes and dependencies on other resources and external processes.
  • Manage the security of your machines by using Microsoft Defender for Cloud or Microsoft Sentinel.
  • Use Azure Automation Update Management, Azure Automation State Configuration, or Azure Automation Change Tracking and Inventory to deliver comprehensive management of your Azure and non-Azure machines.
  • Use different solutions to monitor a particular service or application.

References:

Microsoft Sentinel data connectors

Log Analytics agent overview



Question: 146
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. Determine whether the solution meets the stated goals.

You have an on-premises server named Server1 that runs Windows Server and you have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You install the Azure Connected Machine agent on Server1.

Does this meet the goal?

AYes
B No

Correct answer: B

Explanation:

Microsoft Sentinel uses an Azure Log Analytics workspace for data collection and storage. We have to install the Log Analytics agent, also referred to as Microsoft Monitoring Agent (MMA), on Server1 and configure the agent to report to the Log Analaytics workspace used by Microsoft Sentinel.

Use the Log Analytics agent if you need to:

  • Collect logs and performance data from Azure virtual machines or hybrid machines hosted outside of Azure.
  • Send data to a Log Analytics workspace to take advantage of features supported by Azure Monitor Logs, such as log queries.
  • Use VM insights, which allows you to monitor your machines at scale and monitor their processes and dependencies on other resources and external processes.
  • Manage the security of your machines by using Microsoft Defender for Cloud or Microsoft Sentinel.
  • Use Azure Automation Update Management, Azure Automation State Configuration, or Azure Automation Change Tracking and Inventory to deliver comprehensive management of your Azure and non-Azure machines.
  • Use different solutions to monitor a particular service or application.

References:

Microsoft Sentinel data connectors

Log Analytics agent overview



Question: 147
Measured Skill: Secure Windows Server on-premises and hybrid infrastructures (25-30%)

You have an Azure subscription that contains an Azure key vault named Vault1.

You plan to deploy a virtual machine named VM1 that will run Windows Server.

You need to enable encryption at host for VM1. The solution must use customer-managed keys.

Which three actions should you perform in sequence?

(To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)

www.cert2brain.com

ASequence: 3, 2, 5
B Sequence: 2, 3, 5
C Sequence: 2, 4, 3
D Sequence: 3, 5, 1

Correct answer: D

Explanation:

When you enable encryption at host, that encryption starts on the VM host itself, the Azure server that your VM is allocated to. The data for your temporary disk and OS/data disk caches are stored on that VM host. After enabling encryption at host, all this data is encrypted at rest and flows encrypted to the Storage service, where it is persisted. Essentially, encryption at host encrypts your data from end-to-end. Encryption at host does not use your VM's CPU and doesn't impact your VM's performance.

Temporary disks and ephemeral OS disks are encrypted at rest with platform-managed keys when you enable end-to-end encryption. The OS and data disk caches are encrypted at rest with either customer-managed or platform-managed keys, depending on the selected disk encryption type. For example, if a disk is encrypted with customer-managed keys, then the cache for the disk is encrypted with customer-managed keys, and if a disk is encrypted with platform-managed keys then the cache for the disk is encrypted with platform-managed keys.

The article referenced below provides step-by-step instructions to enable encryption at host for an Azure VM.

Encryption at host is selected for the virtual machine and the previously created disk encryption set is selected for encryption. The disk encryption set uses the RSA key created in Vault1.

References:

Overview of managed disk encryption options

Use the Azure portal to enable end-to-end encryption using encryption at host



Question: 148
Measured Skill: Secure Windows Server on-premises and hybrid infrastructures (25-30%)

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains three servers named Server1, Server2, and Server3 that run Windows Server. All the servers are on the same network and have network connectivity.

On Server1, Windows Defender Firewall has a connection security rule that has the following settings:
  • Rule Type: Server-to-server
  • Endpoint 1: Any IP address
  • Endpoint 2: Any IP address
  • Requirements: Require authentication for inbound connections and request authentication for outbound connections
  • Authentication Method: Computer (Kerberos V5)
  • Profile: Domain, Private, Public
  • Name: Rule1
Server2 has no connection security rules.

On Server3, Windows Defender Firewall has a connection security rule that has the following settings:
  • Rule Type: Server-to-server
  • Endpoint 1: Any IP address
  • Endpoint 2: Any IP address
  • Requirements: Request authentication for inbound and outbound connections
  • Authentication Method: Computer (Kerberos V5)
  • Profile: Domain, Private, Public
  • Name: Rule1
For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AWhen Server1 establishes a network connection with Server2, the connection is encrypted: Yes
Server2 can establish a network connection with Server3: Yes
When Server3 establishes a network connection with Server1, the connection is encrypted: Yes
B When Server1 establishes a network connection with Server2, the connection is encrypted: Yes
Server2 can establish a network connection with Server3: Yes
When Server3 establishes a network connection with Server1, the connection is encrypted: No
C When Server1 establishes a network connection with Server2, the connection is encrypted: No
Server2 can establish a network connection with Server3: Yes
When Server3 establishes a network connection with Server1, the connection is encrypted: No
D When Server1 establishes a network connection with Server2, the connection is encrypted: No
Server2 can establish a network connection with Server3: Yes
When Server3 establishes a network connection with Server1, the connection is encrypted: Yes
E When Server1 establishes a network connection with Server2, the connection is encrypted: No
Server2 can establish a network connection with Server3: No
When Server3 establishes a network connection with Server1, the connection is encrypted: Yes
F When Server1 establishes a network connection with Server2, the connection is encrypted: No
Server2 can establish a network connection with Server3: No
When Server3 establishes a network connection with Server1, the connection is encrypted: No

Correct answer: D

Explanation:

When Server1 establishes a network connection with Server2, Server1 requests authentication. Server2 has no connection security rules configured and cannot meet the requirement. The connection will be established but not encrypted.

Server3 requests but not requires authentication for inbound and outbound connections. Server2 can establish an unencrypted connection with Server3.

Server3 requests authentication for inbound and outbound connections. Server1 requires authentication for inbound connections. When Server3 establishes a network connection with Server1, the connection is encrypted.





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2024 by cert2brain.com