AZ-801 Dumps

AZ-801 Braindumps AZ-801 Real Questions AZ-801 Practice Test

AZ-801 Actual Questions

killexams.com

Microsoft

AZ-801

Configuring Windows Server Hybrid Advanced Services

https://killexams.com/pass4sure/exam-detail/AZ-801

Question: 474

You manage a Windows Server 2022 failover cluster with three nodes and a Storage Spaces Direct (S2D) volume of 2 TB . The cluster uses a witness disk hosted in Azure Blob Storage. You need to calculate the minimum Azure Blob Storage size required for the witness disk, given a write throughput of 5 MB/s during peak failover events lasting 10 minutes.

1. 512 MB

2. 3 GB

3. 1 GB

4. 256 MB

r: B

nation: Peak write throughput is 5 MB/s for 10 minutes (600 seconds). Total data written = 5 MB/ 00 MB = 3 GB . The witness disk must accommodate this (3 GB) is correct.

on: 475

troubleshooting a Windows Server 2022 VM in Azure that fails to boot after a disk encryption u ed to access the boot logs using Azure Serial Console. Which command should you enter after ac ecial Administration Console (SAC)?

ump

si 1

tcfg /scan

r: C

nation: In the Azure Serial Console’s SAC, the command "ch -si 1" switches to the first channel t a command prompt, where you can then run "dir" or "type" to view boot logs (e.g., boot.log). The either don’t apply to SAC or are invalid in this context.

nce: https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/serial-console-windo

Answe

Expla s * 600

s = 30

Questi

You are pdate.

You ne cessing

the Sp

1. cmd

2. log d

3. ch -

4. boo

Answe

Expla o

launch other

options

Refere ws

Question: 476

You have a server named Server1 running Windows Server 2022. You need to configure a custom Performance Monitor data collector set to log CPU usage and disk I/O every 10 seconds to a file named "perfdata.blg" for 24 hours. Which PowerShell command should you use?

1. New-PerfCounterDataCollectorSet -Name "PerfSet" -Counter "\Processor(_Total)\% Processor Time", "\PhysicalDisk(_Total)\Disk Bytes/sec" -SampleInterval 10 -LogFile "perfdata.blg" -Duration "24:00:00"

2. Add-PerformanceLog -Name "PerfSet" -Metrics "\Processor(_Total)\% Processor Time", "\PhysicalDisk(_Total)\Disk Bytes/sec" -Frequency 10 -File "perfdata.blg" -Hours 24

3. Set-PerfMonitor -Name "PerfSet" -Counters "CPU", "DiskIO" -Interval 10 -Output "perfdata.blg" -Time 24h

4. logman create counter "PerfSet" -c "\Processor(_Total)\% Processor Time" "\PhysicalDisk(_Total)\Disk Bytes/sec" -si 10 -f bin -o "perfdata.blg" -max 1440

Answer: D

Explanation: The logman create counter command creates a data collector set, specifying counters, sample interval (seconds), binary file output, and maximum duration in minutes (1440 minutes = 24 hours). Option B uses correct syntax. Other options use invalid cmdlets or parameters.

Reference: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/logman

on: 477

ed to configure a 5-node cluster with a floating IP of 10.0.0.200 for a SQL Server FCI. What is t um number of IP addresses required?

r: D

nation: 5 nodes = 5 IPs, 1 floating IP for SQL FCI = 6 total. The cluster IP is separate from the r CI setup.

on: 478

securing a hybrid AD environment. You need to prevent users from reusing the last 10 password Group Policy setting should you configure?

imum Password Age = 10 days ximum Password Age = 10 days

sword Must Meet Complexity = Enabled

Questi

You ne he

minim

1. 7

2. 5

3. 4

4. 6

Answe

Expla ole IP

in an F

Questi

You are s.

Which

1. Min

2. Ma

3. Pas

4. Enforce Password History = 10

Answer: D

Explanation: Enforce Password History = 10 ensures users cannot reuse their last 10 passwords. Minimum/Maximum Password Age controls duration, not history, and complexity enforces character rules, not reuse prevention.

Question: 479

You are securing an Azure VM running Windows Server 2022 with Microsoft Defender for Endpoint. You need to block a specific executable (malware.exe) using a custom indicator of compromise (IoC). Which PowerShell cmdlet should you use?

1. New-MpPreference -ExclusionPath "C:\malware.exe"

2. Set-MpPreference -AttackSurfaceReductionRules_Ids "BlockExe"

3. Set-MpPreference -DisableRealtimeMonitoring $false -IoC "malware.exe"

4. Add-MpPreference -IndicatorOfCompromise "malware.exe" -Action Block

Answer: D

nation: Add-MpPreference with an IoC allows you to define and block specific executables in Mi er for Endpoint, ensuring precise control over malware mitigation.

nce: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/indicator-file

on: 480

ve a Storage Spaces Direct (S2D) cluster named Cluster2 with six nodes running Windows Server ed to create a 12 TB three-way mirror volume using 4 TB disks with ReFS and calculate the mini of disks required. Which PowerShell command should you use, and how many disks are needed?

sks; New-StoragePool -FriendlyName "S2D" -ResiliencySettingName ThreeWayMirror -Size 12T isks; New-Volume -StoragePoolFriendlyName "Cluster2" -FileSystem CSVFS_ReFS -MirrorLev 2TB

sks; New-Volume -StoragePoolFriendlyName "Cluster2" -FileSystem ReFS -ResiliencySettingNa

-NumberOfDataCopies 3 -Size 12TB

isks; New-Volume -StoragePoolFriendlyName "Cluster2" -FileSystem ReFS -PhysicalDiskRedun 12TB

sks; New-Volume -StoragePoolFriendlyName "Cluster2" -FileSystem CSVFS_ReFS - ncySettingName Mirror -Size 12TB

r: C

nation: A three-way mirror requires 3 copies, so 12 TB usable needs 36 TB raw capacity (12 TB x TB disks, 9 disks are required (36 TB / 4 TB). The correct command uses New-Volume with -

Expla crosoft

Defend Refere

Questi

You ha 2022.

You ne mum

number

1. 8 di B

2. 10 d el 3 -

   Size 1

3. 9 di me

   Mirror

4. 12 d dancy

   3 -Size

5. 9 di Resilie

Answe

Expla 3).

With 4

NumberOfDataCopies 3 and -FileSystem ReFS for S2D) Option A matches this requirement. Reference: https://docs.microsoft.com/en-us/windows-server/storage/storage-spaces/plan-volumes

Question: 481

You manage a hybrid environment with an on-premises Windows Server 2022 domain controller and Azure AD Connect. You need to synchronize a custom AD DS attribute "departmentCode" to Azure AD as "extensionAttribute2" with a transformation rule that prepends "D-". Which two PowerShell commands should

you use?

1. New-ADSyncRule -Name "TransformDept" -SourceADAttribute "departmentCode" -TargetAttribute "extensionAttribute2" -ValueRule ' "D-" + [departmentCode]'

2. Set-ADSyncAttributeFlow -Source "departmentCode" -Target "extensionAttribute2" -Transformation ' "D-"

   + $source'

3. New-ADSyncRule -Name "TransformDept" -SourceADAttribute "departmentCode" -TargetAttribute "extensionAttribute2" -FlowType Expression -Expression ' "D-" + [departmentCode]'

4. Update-ADSyncSchema -Attribute "departmentCode" -MapTo "extensionAttribute2" -Prefix "D-"

5. Set-ADSyncConnector -Name "ADConn" -Attribute "departmentCode" -CustomValue "D-[departmentCode]"

nation: `New-ADSyncRule` with `-FlowType Expression` and `-Expression ' "D-" + [department a transformation rule to prepend "D-" to "departmentCode" and map it to "extensionAttribute2." pe, B/D/E use incorrect cmdlets or syntax.

on: 482

anage a Windows Server 2022 server with a failover cluster. You need to configure a File Share W zure file share. Which command sets this up?

ClusterQuorum -FileShareWitness "\storage.file.core.windows.net\share" -Credential $cred

-ClusterWitness -Type FileShare -Path "\storage.file.core.windows.net\share" ClusterResource -Name "Witness" -Share "\storage.file.core.windows.net\share" d-ClusterQuorum -FileShare "\storage.file.core.windows.net\share" -Auth $cred

r: A

nation: Set-ClusterQuorum -FileShareWitness configures a file share witness with credentials for Azure res. Other commands are invalid or incorrect.

on: 483

Answer: C

Expla Code]'`

creates A lacks

flow ty

Questi

You m itness

on an A

1. Set-

2. New

3. Set-

4. Ad

Answe Expla

file sha

Questi

You have a Windows Server failover cluster with a Hyper-V VM named VM11. You need to configure VM11 for live migration with a maximum of 2 simultaneous migrations and Kerberos authentication. Which PowerShell command should you use?

1. Set-VMHost -VirtualMachineMigrationAuthenticationType Kerberos -MaximumVirtualMachineMigrations 2

   
   

2. Enable-VMMigration -VMName "VM11" -AuthType Kerberos -MaxMigrations 2

3. Set-VMCluster -Name "Cluster1" -LiveMigrationLimit 2 -Authentication "Kerberos"

4. Configure-VMLiveMigration -VMName "VM11" -Kerberos -ConcurrentMigrations 2

Answer: A

Explanation: The Set-VMHost cmdlet configures live migration settings, including authentication type (Kerberos) and the maximum number of simultaneous migrations.

Question: 484

You have an Azure virtual machine named VM1 running Windows Server 2022 with Azure Arc enabled. You need to configure a custom script extension to execute a PowerShell script that modifies registry settings every time the VM restarts. The script must run with administrative privileges and log output to a file named "scriptlog.txt" in the C:\Logs directory. Which command should you use to deploy this extension?

AzVMCustomScriptExtension -ResourceGroupName "RG1" -VMName "VM1" -Name "RegScrip "https://storage.blob.core.windows.net/scripts/regscript.ps1" -RunAsAdmin -OutputPath gs\scriptlog.txt"

-AzVMExtension -ResourceGroupName "RG1" -VMName "VM1" -Name "RegScript" -Publishe soft.Compute" -ExtensionType "CustomScriptExtension" -TypeHandlerVersion "1.10" -Settings eUris" = "https://storage.blob.core.windows.net/scripts/regscript.ps1"; "commandToExecute" = shell.exe -File regscript.ps1"}

AzVMCustomScriptExtension -ResourceGroupName "RG1" -VMName "VM1" -Name "RegScrip "https://storage.blob.core.windows.net/scripts/regscript.ps1" -Run "powershell.exe -ExecutionPoli ricted -File regscript.ps1 > C:\Logs\scriptlog.txt"

oke-AzVMRunCommand -ResourceGroupName "RG1" -VMName "VM1" -CommandId owerShellScript" -ScriptPath "regscript.ps1" -Parameter @{"LogPath" = "C:\Logs\scriptlog.txt"}

r: C

nation: The Set-AzVMCustomScriptExtension cmdlet is used to deploy a custom script extension

M. The -Run parameter specifies the command to execute, and redirecting output with ">" ensur to "scriptlog.txt". The script runs with elevated privileges by default. Option C is invalid as -

Admin and -OutputPath are not parameters of this cmdlet. Option D uses Invoke-AzVMRunCom is for one-time execution, not recurring on restart.

nce: https://docs.microsoft.com/en-us/powershell/module/az.compute/set-azvmcustomscriptextensi

on: 485

Answe

Expla to an

Azure V es

logging

RunAs mand,

which

Refere on

Questi

To migrate 500 GB of data from an on-premises Windows Server 2019 to Azure Blob Storage using AzCopy, which command ensures the fastest transfer with MD5 checksum validation?

1. azcopy copy "C:\data\*" "https://mystorage.blob.core.windows.net/container" --md5-checksum

2. azcopy sync "C:\data" "https://mystorage.blob.core.windows.net/container" --validate-md5

3. azcopy cp "C:\data" "https://mystorage.blob.core.windows.net/container" --recursive --check-md5

4. azcopy transfer "C:\data" "https://mystorage.blob.core.windows.net/container" --recursive --md5

Answer: C

Explanation: azcopy cp with --recursive uploads directories and --check-md5 validates integrity using MD5,

optimizing speed with parallel transfers. Sync is for synchronization, not one-time upload. Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy

Question: 486

ble-PSRemoting -Force

all-WindowsFeature -Name RSAT-AD-PowerShell

Item -Path WSMan:\localhost\Client\Auth\AzureAD -Value $true PSSessionConfiguration -Name Microsoft.PowerShell -Authentication AzureAD

r: C

nation: To enable Azure AD authentication for remote PowerShell sessions on a Windows Server, onfigure the WSMan client authentication settings to allow Azure AD . The command Set-Item -P n:\localhost\Client\Auth\AzureAD -Value $true enables this. Enable-PSRemoting only enables re

specifying Azure AD, Install-WindowsFeature installs tools but doesn’t configure authentication, SessionConfiguration is incorrect as it applies to session configurations, not Azure AD auth.

on: 487

ubleshoot a Windows Server 2022 VM in Azure with high CPU usage, which Event ID in the Syst es a process exceeding 90% CPU for over 5 minutes?

nt ID 1001

nt ID 2004

nt ID 2031

nt ID 1074

r: B

You manage a hybrid environment with an on-premises Windows Server 2022 failover cluster named Cluster1 synchronized with Azure AD . You need to configure Cluster1 to use Azure AD authentication for cluster management over a remote PowerShell session. Which command should you run on each cluster node to enable this?

1. Ena

2. Inst

3. Set-

4. Set-

Answe

Expla you

must c ath

WSMa moting

without and

Set-PS

Questi

To tro em log

indicat

1. Eve

2. Eve

3. Eve

4. Eve

Answe

Explanation: Event ID 2004 from the Resource-Exhaustion-Detector indicates a process consuming excessive CPU (e.g., >90% for 5+ minutes). Other IDs relate to different issues (shutdown, app errors).

Reference: https://docs.microsoft.com/en-us/windows-server/administration/windows-event-log

Question: 488

Your hybrid network includes an on-premises Windows Server 2022 server named SRV4. You need to deploy Azure Arc and configure it to use a custom proxy server at http://proxy1:8080 with NTLM authentication.

Which command should you run?

1. azcmagent config set proxy.url "http://proxy1:8080" --authentication NTLM

2. Connect-AzArcServer -Proxy "http://proxy1:8080" -AuthType "NTLM" -ResourceGroup "RG1"

3. azcmagent connect --proxy "http://proxy1:8080" --auth NTLM --resource-group "RG1" --tenant-id "tenant1"

4. Install-AzArcAgent -ProxyServer "http://proxy1:8080" -Authentication "NTLM"

Answer: C

on: 489

anage a Windows Server 2022 Hyper-V cluster with two nodes, HV1 and HV2, hosting a VM na ou need to configure Hyper-V Replica to an Azure VM with a replication frequency of 30 secon

as a 100 GB VHDX and generates 10 MB/s of write IOPS. Which setting must you configure to ensure tion succeeds?

ble-VMReplication -VMName "VM1" -Destination "AzureVM1" -Frequency 30 -CompressionEn VMReplication -VMName "VM1" -ReplicationFrequencySec 30 -RecoveryHistory 2 VMReplication -VMName "VM1" -ReplicationFrequencySec 30 -VSSSnapshotFrequency 1

ble-VMReplication -VMName "VM1" -ReplicaServerName "AzureVM1" -ReplicationFrequencyS

r: B

nation: Hyper-V Replica to Azure requires the Set-VMReplication cmdlet to adjust the replication ncy to 30 seconds. The RecoveryHistory parameter ensures recovery points are retained.

on: 490

configuring a Windows Server 2022 VM to use Azure Disk Encryption with a custom key encry EK) stored in Azure Key Vault. Which command enables this?

Explanation: The azcmagent connect command configures Azure Arc connectivity, and option correctly specifies the proxy and NTLM authentication.

Questi

You m med

VM1. Y ds.

VM1 h

replica

1. Ena abled

2. Set-

3. Set-

4. Ena ec 30

Answe Expla

freque

Questi

You are ption

key (K

1. Enable-AzDiskEncryption -VMName "VM1" -KEK "https://vault.vault.azure.net/keys/KEK1"

2. Set-AzVMDiskEncryptionExtension -ResourceGroupName "RG1" -VMName "VM1" -KeyVaultUrl "https://vault.vault.azure.net" -KeyEncryptionKey "KEK1"

3. New-AzDiskEncryptionPolicy -KeyVault "vault" -KEKName "KEK1"

4. Set-AzVMEncryption -ResourceGroupName "RG1" -VMName "VM1" -KeyEncryptionKeyUrl "https://vault.vault.azure.net/keys/KEK1"

Answer: B

Explanation: Set-AzVMDiskEncryptionExtension enables Azure Disk Encryption with a KEK from Azure Key Vault, specifying the vault URL and key name for secure encryption.

Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-powershell