AZ-800 無料問題集「Microsoft Administering Windows Server Hybrid Core Infrastructure」
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Your network contains an Active Directory Domain Services (AD DS) domain named conioso.com.
You need to identify which server is the PDC emulator for the domain.
Solution: from Active Directory Users and Computers, you right-click contoso.com in the console tree, and then select Operations Master Does this meet the goal?
You need to identify which server is the PDC emulator for the domain.
Solution: from Active Directory Users and Computers, you right-click contoso.com in the console tree, and then select Operations Master Does this meet the goal?
正解:A
解答を投票する
Which three actions should you perform in sequence to meet the security requirements for Webapp1? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
nce: https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group- managed-service-accounts-overview
You have a server named Server1 that has Windows Admin Center installed. The certificate used by Windows Admin Center was obtained from a certification authority (CA).
The certificate expires.
You need to replace the certificate.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
The certificate expires.
You need to replace the certificate.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
Reference:
https://www.starwindsoftware.com/blog/change-the-windows-admin-center-certificate
Your network contains an on -premises Active Directory Domain Services (AD DS) domain named contoso.
com The domain contains the objects shown in the following table.
You plan to sync contoso.com with an Azure Active Directory (Azure AD) tenant by using Azure AD Connect You need to ensure that all the objects can be used in Conditional Access policies What should you do?
com The domain contains the objects shown in the following table.
You plan to sync contoso.com with an Azure Active Directory (Azure AD) tenant by using Azure AD Connect You need to ensure that all the objects can be used in Conditional Access policies What should you do?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have an on-premises server named Server1 that runs Windows Server and has internet connectivity.
You have an Azure subscription.
You need to monitor Server1 by using Azure Monitor.
Which resources should you create in the subscription, and what should you install on Server1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an Azure subscription.
You need to monitor Server1 by using Azure Monitor.
Which resources should you create in the subscription, and what should you install on Server1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Reference:
https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/azure/azure-monitor
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the domain controllers shown in the following table.
You need to configure DC3 to be the authoritative time server for the domain.
Which operations master role should you transfer to DC3, and which console should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to configure DC3 to be the authoritative time server for the domain.
Which operations master role should you transfer to DC3, and which console should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have five tile servers that run Windows Server.
You need to block users from uploading video files that have the .mov extension to shared folders on the file servers. All other types of files must be allowed. The solution must minimize administrative effort.
What should you create?
You need to block users from uploading video files that have the .mov extension to shared folders on the file servers. All other types of files must be allowed. The solution must minimize administrative effort.
What should you create?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Task 9
You need to ensure that all the computers in the domain use DNSSEC to resolve names in the adatum.com zone.
You need to ensure that all the computers in the domain use DNSSEC to resolve names in the adatum.com zone.
正解:
See the solution of this Task below.
Explanation:
To ensure that all computers in the domain use DNSSEC to resolve names in the adatum.com zone, you'll need to configure both the DNS servers and the client computers. Here's how you can do it:
Step 1: Sign the adatum.com Zone First, you need to sign the adatum.com DNS zone. This can be done using the DNS Manager or PowerShell. Here's a PowerShell example:
Add-DnsServerSigningKey -ZoneName "adatum.com" -CryptoAlgorithm RsaSha256 Set-DnsServerDnsSecZoneSetting -ZoneName "adatum.com" -DenialOfExistence NSEC3 - NSEC3Parameters 1,0,10,"" This will add a signing key and configure DNSSEC for the zone with NSEC3 parameters.
Step 2: Configure DNS Servers Ensure that your DNS servers are configured to support DNSSEC. This includes setting up trust anchors for the zones that you want to validate and configuring the DNS servers to provide DNSSEC validation for DNS queries.
Step 3: Configure DNS Clients For DNSSEC validation to occur on the client side, the client computers must be configured to trust the DNS server's validation process. This typically involves configuring the client's DNS settings to point to a DNS server that supports DNSSEC.
Step 4: Validate Configuration You can validate that DNSSEC is working correctly by using tools like nslookup or dig to query DNS records and check for the presence of DNSSEC signatures in the responses.
Note: The exact steps may vary depending on your environment and the version of Windows Server you are using. Ensure that you have the appropriate administrative rights to make these changes and that you test the configuration in a controlled environment before deploying it domain-wide12.
By following these steps, you should be able to ensure that all computers in your domain use DNSSEC to resolve names in the adatum.com zone.
Explanation:
To ensure that all computers in the domain use DNSSEC to resolve names in the adatum.com zone, you'll need to configure both the DNS servers and the client computers. Here's how you can do it:
Step 1: Sign the adatum.com Zone First, you need to sign the adatum.com DNS zone. This can be done using the DNS Manager or PowerShell. Here's a PowerShell example:
Add-DnsServerSigningKey -ZoneName "adatum.com" -CryptoAlgorithm RsaSha256 Set-DnsServerDnsSecZoneSetting -ZoneName "adatum.com" -DenialOfExistence NSEC3 - NSEC3Parameters 1,0,10,"" This will add a signing key and configure DNSSEC for the zone with NSEC3 parameters.
Step 2: Configure DNS Servers Ensure that your DNS servers are configured to support DNSSEC. This includes setting up trust anchors for the zones that you want to validate and configuring the DNS servers to provide DNSSEC validation for DNS queries.
Step 3: Configure DNS Clients For DNSSEC validation to occur on the client side, the client computers must be configured to trust the DNS server's validation process. This typically involves configuring the client's DNS settings to point to a DNS server that supports DNSSEC.
Step 4: Validate Configuration You can validate that DNSSEC is working correctly by using tools like nslookup or dig to query DNS records and check for the presence of DNSSEC signatures in the responses.
Note: The exact steps may vary depending on your environment and the version of Windows Server you are using. Ensure that you have the appropriate administrative rights to make these changes and that you test the configuration in a controlled environment before deploying it domain-wide12.
By following these steps, you should be able to ensure that all computers in your domain use DNSSEC to resolve names in the adatum.com zone.
You have a Windows Server 2022 container host named Host1 that has the Subsystem for Linux installed and the container images shown in the following table.
You need to deploy the images to Host1. The solution must maximize the isolation of the containers.
Which images can you run by using process isolation, and which images can you run by using Hyper-V isolation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to deploy the images to Host1. The solution must maximize the isolation of the containers.
Which images can you run by using process isolation, and which images can you run by using Hyper-V isolation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the users shown in the following table.
The domain has the Group Policy Objects (GPOs) shown in the following table.
The GPOs are configured to map a drive named H as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The domain has the Group Policy Objects (GPOs) shown in the following table.
The GPOs are configured to map a drive named H as shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a Windows Server container host named Server1.
You start the containers on Server1 as shown in the following table.
You need to validate the status of ProcessA and ProcessC.
Where can you verify that ProcessA and ProcessC are in a running state? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You start the containers on Server1 as shown in the following table.
You need to validate the status of ProcessA and ProcessC.
Where can you verify that ProcessA and ProcessC are in a running state? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Your network contains an Active Directory Domain Services (AD DS) domain.
You have a Group Policy Object (GPO) named GPO1 that contains Group Policy preferences.
You plan to link GPO1 to the domain.
You need to ensure that the preference in GPO1 apply only to domain member servers and NOT to domain controllers or client computers. All the other Group Policy settings in GPO1 must apply to all the computers.
The solution must minimize administrative effort.
Which type of item level targeting should you use?
You have a Group Policy Object (GPO) named GPO1 that contains Group Policy preferences.
You plan to link GPO1 to the domain.
You need to ensure that the preference in GPO1 apply only to domain member servers and NOT to domain controllers or client computers. All the other Group Policy settings in GPO1 must apply to all the computers.
The solution must minimize administrative effort.
Which type of item level targeting should you use?
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have two servers that have the Hyper-V server role installed. The servers are joined to a failover cluster both servers can connect to the same disk on an iSCSi storage device. You plan to use the iSCSI storage to store highly available Hyper-V virtual machines that will support live migration functionality. You need to configure a storage resource in the failover cluster to store the virtual machines.
What should you configure?
What should you configure?
正解:C
解答を投票する