Microsoft - AZ-801: Configuring Windows Server Hybrid Advanced Services
Sample Questions
Question: 285
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)
You have an Azure virtual machine named VM1 that runs Windows Server.
VM1 fails to start properly.
You need to review the serial log to identify the issue.
What should you use from the VM1 blade in the Azure portal?
| A | Diagnose and solve problems |
| B | Boot diagnostics |
| C | Change tracking |
| D | Performance diagnostics |
| E | Resource health |
Correct answer: B
Explanation:
Boot diagnostics is a debugging feature for Azure virtual machines (VM) that allows diagnosis of VM boot failures. Boot diagnostics enables a user to observe the state of their VM as it is booting up by collecting serial log information and screenshots.
When you create a VM in the Azure portal, boot diagnostics is enabled by default. The recommended boot diagnostics experience is to use a managed storage account, as it yields significant performance improvements in the time to create an Azure VM: because an Azure managed storage account is used, the time it would take to create a user storage account to store the boot diagnostics data is removed.
The boot diagnostics data blobs (which consist of logs and snapshot images) are stored in a managed storage account.

Reference: Azure boot diagnostics
Question: 286
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)
You have a server named Server1 that runs Windows Server.
You need to capture the SYN packets exchanged between Server1 and an IP address of 192.168.0.100.
How should you complete the command?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)
| A | MessageAnalyzer filter add -i 192.168.0.100 -t udp syn |
| B | MessageAnalyzer filter add -i 192.168.0.100 -t icmp syn |
| C | netmon filter add -i 192.168.0.100 -t tcp syn |
| D | netmon filter add -i 192.168.0.100 -t udp syn |
| E | pktmon filter add -i 192.168.0.100 -t tcp syn |
| F | pktmon filter add -i 192.168.0.100 -t icmp syn |
Correct answer: E
Explanation:
Packet Monitor (Pktmon) is an in-box, cross-component network diagnostics tool for Windows. It can be used for advanced packet capture and event collection, drop detection, filtering, and counting. Pktmon is especially helpful in virtualization scenarios such as container networking and SDN, because it provides visibility within the networking stack.
Pktmon filter add allows you to add a filter to control which packets are reported. For a packet to be reported, it must match all conditions specified in at least one filter. Up to 32 filters can be active at once.
Examples
The following filter will capture all the SYN packets sent or received by the IP address 10.0.0.10:
C:\Test> pktmon filter add -i 10.0.0.10 -t tcp syn
References:
pktmon
pktmon filter add
Question: 287
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)
Your on-premises datacenter contains a server named Server1 that runs Windows Server.
You install the System Insights feature on Server1.
You discover that some of the System Insights capabilities are NOT installed.
Which two capabilities should be installed manually on Server1?
(Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.)
| A | CPU capacity forecasting |
| B | Physical disk anomaly detection (IOPS) |
| C | Networking capacity forecasting |
| D | Physical disk anomaly detection (Latency) |
| E | Total storage consumption forecasting |
Correct answer: B, D
Explanation:
System Insights capabilities in Windows Server use predictive analytics to help administrators forecast resource usage and optimize server performance.
A System Insights capability is a machine learning or statistics model that analyzes system data to give you more insight into your deployment. System Insights includes a set of default capabilities, and you can add new capabilities dynamically without updating the operating system.
The four default capabilities available are:
- CPU capacity forecasting
- Networking capacity forecasting
- Total storage consumption forecasting
- Volume consumption forecasting
Each capability runs locally on a Windows Server instance, and you can manage each capability individually.
Each capability analyzes past historical data to predict future usage, and all of the forecasting capabilities are designed to forecast long-term trends rather than short-term behavior, helping administrators correctly provision hardware and tune their workloads to avoid future resource contention. Because these capabilities focus on long-term usage, these capabilities analyze daily data.
References:
System Insights capabilities in Windows Server
Manage System Insights capabilities in Windows Admin Center
Add and develop capabilities in System Insights
Question: 288
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)
You have an Azure subscription that uses Azure Monitor.
You need to create an alert rule that will generate an alert when an Azure virtual machine is turned off.
Which type of signal should you use?
| A | Activity log |
| B | Service health |
| C | Log |
Correct answer: A
Explanation:
Alerts help you detect and address issues before users notice them by proactively notifying you when Azure Monitor data indicates there might be a problem with your infrastructure or application.
You can alert on any metric or log data source in the Azure Monitor data platform.
Activity log alerts are triggered when a new activity log event occurs that matches defined conditions.

Reference: What are Azure Monitor alerts?
Question: 289
Measured Skill: Monitor and troubleshoot Windows Server environments (20-25%)
You have the resources shown in the following table.

Your on-premises network is connected to VNet1 by using a Site-to-Site VPN.
The network traffic sent from Server1 fails to reach VM1.
You need to review the contents of the network traffic sent from Server1 to VM1.
What should you do first?
| A | From Server1, enable Windows Firewall logs. |
| B | From Windows Admin Center, enable the Packet Monitoring extension. |
| C | From NSG1, enable NSG flow logs. |
| D | From Azure Network Watcher, add a packet capture. |
Correct answer: C
Explanation:
Network security group (NSG) flow logging is a feature of Azure Network Watcher that allows you to log information about IP traffic flowing through a network security group. Flow data is sent to Azure Storage from where you can access it and export it to any visualization tool, security information and event management (SIEM) solution, or intrusion detection system (IDS) of your choice.
How NSG flow logs work
Key properties of NSG flow logs include:
- Flow logs operate at Layer 4 of the Open Systems Interconnection (OSI) model and record all IP flows going in and out of a network security group.
- Logs are collected at 1-minute intervals through the Azure platform. They don't affect your Azure resources or network performance in any way.
- Logs are written in JSON format and show outbound and inbound flows per network security group rule.
- Each log record contains the network interface (NIC) that the flow applies to, 5-tuple information, the traffic decision, and (for version 2 only) throughput information.
- NSG flow logs have a retention feature that allows deleting the logs automatically up to a year after their creation.
Reference: Flow logging for network security groups
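A parser for the flow-log format described above, as an added example that is not part of the original page. It assumes the version 2 JSON layout (records, then properties.flows per rule, then comma-separated flowTuples per NIC); the addresses, MAC and rule names are constructed sample values.

```python
import json
from collections import Counter

# Constructed sample in the version 2 NSG flow log layout (not real traffic).
SAMPLE = json.dumps({"records": [{
    "time": "2024-01-01T10:00:00Z",
    "macAddress": "000D3AF87856",
    "properties": {"Version": 2, "flows": [
        {"rule": "DefaultRule_DenyAllInBound", "flows": [{
            "mac": "000D3AF87856",
            "flowTuples": [
                "1704103200,192.168.0.10,10.1.0.4,50122,3389,T,I,D,B,,,,",
                "1704103230,192.168.0.10,10.1.0.4,50123,3389,T,I,D,B,,,,"]}]},
        {"rule": "UserRule_AllowHTTPS", "flows": [{
            "mac": "000D3AF87856",
            "flowTuples": [
                "1704103205,192.168.0.10,10.1.0.4,50200,443,T,I,A,B,,,,",
                "1704103260,192.168.0.10,10.1.0.4,50200,443,T,I,A,E,12,3400,10,5100"]}]},
    ]}}]})

# 5-tuple, direction (I/O), decision (A/D), then the version 2 only fields:
# flow state (B/C/E) and packet/byte counters in each direction.
FIELDS = ("ts", "src", "dst", "sport", "dport", "proto", "direction", "decision",
          "state", "pkts_s2d", "bytes_s2d", "pkts_d2s", "bytes_d2s")

def parse_flow_log(text):
    """Yield one dict per flow tuple, tagged with the NSG rule and NIC MAC."""
    for record in json.loads(text)["records"]:
        for rule in record["properties"]["flows"]:
            for nic in rule["flows"]:
                for raw in nic["flowTuples"]:
                    parts = raw.split(",")
                    # Version 1 tuples stop after the decision; pad the rest.
                    parts += [""] * (len(FIELDS) - len(parts))
                    flow = dict(zip(FIELDS, parts))
                    flow.update(rule=rule["rule"], mac=nic["mac"])
                    yield flow

def denied_between(text, src, dst):
    """Count denied flows from src to dst, keyed by (rule, destination port)."""
    hits = Counter()
    for f in parse_flow_log(text):
        if f["decision"] == "D" and f["src"] == src and f["dst"] == dst:
            hits[(f["rule"], int(f["dport"]))] += 1
    return dict(hits)

if __name__ == "__main__":
    for (rule, port), n in denied_between(SAMPLE, "192.168.0.10", "10.1.0.4").items():
        print(f"{n} denied flow(s) to port {port} by rule {rule}")
```

The output names the rule that made each traffic decision, which is the per-rule view the flow log gives; it carries no packet payload.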