Latest AZ-801 Practice Tests with Actual Questions

AZ-801 Dumps

AZ-801 Braindumps AZ-801 Real Questions AZ-801 Practice Test

AZ-801 Actual Questions

killexams.com

Microsoft

AZ-801

Configuring Windows Server Hybrid Advanced Services

https://killexams.com/pass4sure/exam-detail/AZ-801

Question: 24

You have 100 Azure virtual machines that run Windows Server. The virtual machines are onboarded to Microsoft Defender for Cloud.

You need to shut down a virtual machine automatically if Microsoft Defender for Cloud generates the "Antimalware disabled in the virtual machine" alert for the virtual machine.

What should you use in Microsoft Defender for Cloud?

1. a logic app

2. a workbook

3. a security policy

4. adaptive network hardening

Answer: A
Explanation:

Reference: https://docs.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts

Question: 25

You have a server that runs Windows Server. The server is configured to encrypt all incoming traffic by using a connection security rule.

You need to ensure that Server1 can respond to the unencrypted tracert commands initiated from computers on the same network.

What should you do from Windows Defender Firewall with Advanced Security?

1. From the IPsec Settings, configure IPsec defaults.

2. Create a new custom outbound rule that allows ICMPv4 protocol connections for all profiles.

3. Change the Firewall state of the Private profile to Off.

4. From the IPsec Settings, configure IPsec exemptions.

Answer: D
Question: 26 HOTSPOT

The Default Domain Policy Group Policy Object (GPO) is shown in the GPO exhibit. (Click the GPO tab.)

The members of a group named Service Accounts are shown in the Group exhibit. (Click the Group tab.)

An organizational unit (OU) named Service Accounts is shown in the OU exhibit. (Click the OU tab.)

You create a Password Settings Object (PSO) as shown in the PSO exhibit. (Click the PSO tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-

activedirectory-administrative-center-enhancements–level-100-#fine_grained_pswd_policy_mgmt

Question: 27

HOTSPOT

Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains the domains shown in the following table.

You are implementing Microsoft Defender for Identity sensors.

You need to install the sensors on the minimum number of domain controllers. The solution must ensure that Defender for Identity will detect all the security risks in both the domains.

What should you identify? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Answer:

Explanation: Reference:

https://docs.microsoft.com/en-us/defender-for-identity/technical-faq#deployment https://docs.microsoft.com/en-us/defender-for-identity/install-step4

Question: 28

You have an Azure virtual machine named VM1 that runs Windows Server. You plan to deploy a new line-of- business (LOB) application to VM1. You need to ensure that the application can create child processes.

What should you configure on VM1?

1. Microsoft Defender Credential Guard

2. Microsoft Defender Application Control

3. Microsoft Defender SmartScreen

4. Exploit protection

Answer: D
Explanation:

Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-exploit-protection? view=o365-worldwide

Question: 29

You have an Azure virtual machine named VM1 that runs Windows Server.

You need to encrypt the contents of the disks on VM1 by using Azure Disk Encryption. What is a prerequisite for implementing Azure Disk Encryption?

1. Customer Lockbox for Microsoft Azure

2. an Azure key vault

3. a BitLocker recovery key

4. data-link layer encryption in Azure

Answer: B

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-overview

Question: 30

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have

more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1. Solution: From Virus & threat protection, you configure Tamper Protection.

Does this meet the goal?

1. Yes

2. No

Answer: B
Explanation:

Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-controlled-folders? view=o365-worldwide

Question: 31

You are planning the migration of Archive1 to support the on-premises migration plan.

What is the minimum number of IP addresses required for the node and cluster roles on Cluster3?

1. 2

2. 3

3. 4

4. 5

Answer: B
Explanation:

One IP for each of the two nodes in the cluster and one IP for the cluster virtual IP (VIP). Implement and manage Windows Server high availability Question Set 2