AZ-800 無料問題集「Microsoft Administering Windows Server Hybrid Core Infrastructure」

Hotspot Question
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the domain controllers shown in the following table.

You need to configure DC3 to be the authoritative time server for the domain.
Which operations master role should you transfer to DC3, and which console should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure virtual machine named VM1 that runs Windows Server and has the following configurations:
* Size: D2s_v4
* Operating system disk: 127-GiB standard SSD
* Data disk 128-GiB standard SSD
* Virtual machine generation: Gen 2
You plan to perform the following changes to VM1:
* Change the virtual machine size to D4s_v4.
* Detach the data disk.
* Add a new standard SSD.
Which changes require downtime for VM1?

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the servers shown in the following table.

You need to ensure that from Server1, you can use Windows Admin Center to manage the DHCP Server role on Server2.
What should you do first?

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains two servers named Server1 and Server2 and the users shown in the following table.

Which users can establish a PowerShell remoting session from Server1 to Server2?

Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the servers shown in the following table.

You need to create a Distributed File System (DFS) namespace that will contain the following:
- A domain-based namespace named \\contoso.com\Public
- A folder named Finance
Which servers can you configure as folder targets for the Finance folder?

Case Study 3 - ADatum Corporation
Overview
Company Information
ADatum Corporation is a manufacturing company that has a main office in Seattle and two branch offices in Los Angeles and Montreal.
Fabrikam Partnership
ADatum recently partnered with 2 company named Fabrikam, Inc.
Fabrikam is a manufacturing company that has a main office in Boston and a branch office in Orlando.
Both companies intend to collaborate on several joint projects.
Existing Environment
ADatum AD DS Environment
The on-premises network of ADatum contains an Active Directory Domain Services (AD DS) forest named adatum.com.
The forest contains two domains named adatum.com and east.adatum.com and the domain controllers shown in the following table.

Fabrikam AD DS Environment
The on-premises network of Fabrikam contains an AD DS forest named fabrikam.com.
The forest contains two domains named fabrikam.com and south.fabrikam.com.
The fabrikam.com domain contains an organizational unit (OU) named Marketing.
Server Infrastructure
The adatum.com domain contains the servers shown in the following table.

HyperV1 contains the virtual machines shown in the following table.

All the virtual machines on HyperV1 have only the default management tools installed.
SSPace1 contains the Storage Spaces virtual disks shown in the following table.

Azure Resources
ADatum has an Azure subscription that contains an Azure AD tenant. Azure AD Connect is configured to sync the adatum.com forest with Azure AD.
The subscription contains the virtual networks shown in the following table.

The subscription contains the Azure Private DNS zones shown in the following table.

The subscription contains the virtual machines shown in the following table.

All the servers are in a workgroup.
The subscription contains a storage account named storage1 that has a file share named share1.
Requirements
Planned Changes
ADatum plans to implement the following changes:
- Sync Data1 to share1.
- Configure an Azure runbook named Task1.
- Enable Azure AD users to sign in to Server1.
- Create an Azure DNS Private Resolver that has the following configurations:
- Name: Private1
- Region: West US
- Virtual network: VNet1
- Inbound endpoint: SubnetB
- Enable users in the adatum.com domain to access the resources in the south.fabrikam.com domain.
Technical Requirements
ADatum identifies the following technical requirements:
- The data on SSPace1 must be available always.
- DC2 must become the schema master if DC1 fails.
- VM3 must be configured to enable per-folder quotas.
- Trusts must allow access to only the required resources.
- The users in the Marketing OU must have access to storage1.
- Azure Automanage must be used on all supported Azure virtual machines.
- A direct SSH session must be used to manage all the supported virtual machines on HyperV1.
You need to implement the planned changes for the Azure DNS Private Resolver.
Which private DNS zones can you use for name resolution?

Drag and Drop Question
You have a server named Server1.
You plan to use Storage Spaces to expand the storage available to Server1. You attach eight physical disks to Server1. Four disks are HDDs and four are SSDs.
You need to create a volume on Server1 that will use the storage on all the new disks. The solution must provide the fastest read performance for frequently used files.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Drag and Drop Question
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server. VM1 contains a 128-GB operating system disk.
You need to increase the size of volume C on VM1 to 250 GB.
Which four actions should you perform in sequence.
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You have an Active Directory Domain Services (AD DS) domain. The domain contains a member server named Server1 that runs Windows Server.
You need to ensure that you can manage password policies for the domain from Server1.
Which command should you run first on Server1?

Note: This section contains one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem. You must determine whether the solution meets the stated goals. More than one solution in the set might solve the problem. It is also possible that none of the solutions in the set solve the problem.
After you answer a question in this section, you will NOT be able to return. As a result, these questions do not appear on the Review Screen.
Your network contains an Active Directory Domains Services (AD DS) domain named contoso.com.
You implement a central store.
You create a new Group Policy Object (GPO) named GPO1.
When you attempt to edit GPO1, you see the settings shown in the exhibit. (Click the Exhibit tab.)

You need to ensure that all settings are available.
Solution: You modify the properties of GPO1.
Does this meet the goal?

Hotspot Question
You have a Windows Server 2022 container host named Host1 and a container registry that contains the container images shown in the following table.

You need to run the containers on Host1.
Which isolation mode can you use for each image? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Case Study 2 - Contoso, Ltd
Overview
Contoso, Ltd. is a company that has a main office in Seattle and two branch offices in Los Angeles and Montreal.
Existing Environment
AD DS Environment
The network contains an on premises Active Directory Domain Services (AD DS) forest named contoso.com. The forest contains two domains named contoso.com and canada.contoso.com.
The forest contains the domain controllers shown in the following table.

All the domain controllers are global catalog servers.
Server infrastructure
The network contains the servers shown in the following table.

A server named Server4 runs Windows Server and is in a workgroup. Windows Firewall on Server4 uses the private profile.
Server2 hosts three virtual machines named VM1, VM2, and VM3.
VM3 is a file server that stores data in the volumes shown in the following table.

Group Policies
The contoso.com domain has the Group Policies Objects (GPOs) shown in the following table.

Existing Identities
The forest contains the users shown in the following table.

The forest contains the groups shown in the following table.

Current Problems
When an administrator signs in to the console of VM2 by using Virtual Machine Connection, and then disconnects from the session without signing out, another administrator can connect to the console session as the currently signed in user.
Requirements
Technical Requirements
Contoso identifies the following technical requirements:
* Change the replication schedule for all site links to 30 minutes.
* Promote Server1 to a domain controller in canada.contoso.com.
* Install and authorize Server3 as a DHCP server.
* Ensure that User1 can manage the membership of all the groups in Contoso\OU3.
* Ensure that you can manage Server4 from Server1 by using PowerShell remoting.
* Ensure that you can run virtual machines on VM1.
* Force users to provide credentials when they connect to VM2.
* On VM3, ensure that Data Deduplication on all volumes is possible.
Question
Hotspot Question
You need to meet the technical requirements for Server4.
Which cmdlets should you run on Server1 and Server4? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Your network contains a DHCP server.
You plan to add a new subnet and deploy Windows Server to the subnet.
You need to use the server as a DHCP relay agent.
Which role should you install on the server?

Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains two servers named Server1 and Server2.
Server1 contains a disk named Disk2. Disk2 contains a folder named UserData. UserData is shared to the Domain Users group. Disk2 is configured for deduplication. Server1 is protected by using Azure Backup.
Server1 fails.
You connect Disk2 to Server2.
You need to ensure that you can access all the files on Disk2 as quickly as possible.
What should you do?

Hotspot Question
Your on-premises network contains an Active Directory Domain Services (AD DS) domain. The domain contains the servers shown in the following table.

The domain controllers do NOT have internet connectivity.
You plan to implement Azure AD Password Protection for the domain.
You need to deploy Azure AD Password Protection agents. The solution must meet the following requirements:
- All Azure AD Password Protection policies must be enforced.
- Agent updates must be applied automatically.
- Administrative effort must be minimized.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Which of the following schedulers provide a fair share and preemptive round-robin scheduling approach for guest virtual processors in Windows Server 2016 Hyper-V?

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains a server named Server1.
On Server1, you install Windows Admin Center and use Windows Admin Center to remove BUILTIN\Users from the allowed groups.
You discover that all users can still sign in to Windows Admin Center.
You need to prevent unauthorized users from signing in to Windows Admin Center.
What should you do in Windows Admin Center?

Hotspot Question
You have a file server named Server1 that runs Windows Server and contains the volumes shown in the following table.

On which volumes can you use BitLocker Drive Encryption (BitLocker) and disk quotas? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.
You have several Windows 10 devices that are Azure AD hybrid-joined.
You need to ensure that when users sign in to the devices, they can use Windows Hello for Business.
Which optional feature should you select in Azure AD Connect?