AZ-800試験無料問題集「Microsoft Administering Windows Server Hybrid Core Infrastructure 認定」
You have a server named Server1 that runs Windows Server and contains two drives named C and D. Server1 hosts multiple file shares.
You enable Data Deduplication on drive D and select the General purpose file server workload.
You need to minimize the space consumed by files that were recently modified or deleted.
What should you do?
You enable Data Deduplication on drive D and select the General purpose file server workload.
You need to minimize the space consumed by files that were recently modified or deleted.
What should you do?
正解:C
解答を投票する
You have an Azure subscription that contains the virtual networks shown in the following table.
You deploy a virtual machine named VM1 that runs Windows Server. VM1 is connected to Subnet11.
You plan to add an additional network interface named NIC1 to VM1.
To which subnets can NIC1 be attached?
You deploy a virtual machine named VM1 that runs Windows Server. VM1 is connected to Subnet11.
You plan to add an additional network interface named NIC1 to VM1.
To which subnets can NIC1 be attached?
正解:D
解答を投票する
You have a Windows Server container host named Server1.
You start the containers on Server1 as shown in the following table.
You need to validate the status of ProcessA and ProcessC.
Where can you verify that ProcessA and ProcessC are in a running state? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You start the containers on Server1 as shown in the following table.
You need to validate the status of ProcessA and ProcessC.
Where can you verify that ProcessA and ProcessC are in a running state? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a Windows Server container host named Server 1 and a container image named Image1.
You need to start a container from image1. The solution must run the container on a Hyper-V virtual machine.
Which parameter should you specify when you run the docker run command?
You need to start a container from image1. The solution must run the container on a Hyper-V virtual machine.
Which parameter should you specify when you run the docker run command?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have an on premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.
You plan to implement self-service password reset (SSPR) in Azure AD.
You need to ensure that users that reset their passwords by using SSPR can use the new password resources in the AD DS domain.
What should you do?
You plan to implement self-service password reset (SSPR) in Azure AD.
You need to ensure that users that reset their passwords by using SSPR can use the new password resources in the AD DS domain.
What should you do?
正解:D
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
Task 9
You plan to create group managed service accounts (gMSAs).
You need to configure the domain to support the creation of gMSAs.
You plan to create group managed service accounts (gMSAs).
You need to configure the domain to support the creation of gMSAs.
正解:
See the solution of this Task below.
Explanation:
To configure the domain to support the creation of gMSAs, you need to perform the following steps:
* On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open PowerShell as an administrator and run the following command to install the Active Directory module:
Install-WindowsFeature -Name RSAT-AD-PowerShell
* Run the following command to create a Key Distribution Service (KDS) root key, which is required for generating passwords for gMSAs. You only need to do this once per domain:
Add-KdsRootKey -EffectiveImmediately
* Wait for at least 10 hours for the KDS root key to replicate to all domain controllers in the domain.
Alternatively, you can use the -EffectiveTime parameter to specify a past date and time for the KDS root key, but this is not recommended for security reasons. For more information, see Add-KdsRootKey.
* After the KDS root key is replicated, you can create and configure gMSAs using the New- ADServiceAccount and Set-ADServiceAccount cmdlets. For more information, see Create a gMSA and Configure a gMSA.
Explanation:
To configure the domain to support the creation of gMSAs, you need to perform the following steps:
* On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open PowerShell as an administrator and run the following command to install the Active Directory module:
Install-WindowsFeature -Name RSAT-AD-PowerShell
* Run the following command to create a Key Distribution Service (KDS) root key, which is required for generating passwords for gMSAs. You only need to do this once per domain:
Add-KdsRootKey -EffectiveImmediately
* Wait for at least 10 hours for the KDS root key to replicate to all domain controllers in the domain.
Alternatively, you can use the -EffectiveTime parameter to specify a past date and time for the KDS root key, but this is not recommended for security reasons. For more information, see Add-KdsRootKey.
* After the KDS root key is replicated, you can create and configure gMSAs using the New- ADServiceAccount and Set-ADServiceAccount cmdlets. For more information, see Create a gMSA and Configure a gMSA.
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with a Microsoft Entra tenant.
You deploy an app that adds custom attributes to the domain.
From Azure Cloud Shell, you discover that you cannot query the custom attributes of users.
You need to ensure that the custom attributes are available in Microsoft Entra ID.
Which task should you perform from Microsoft Entra Connect first?
You deploy an app that adds custom attributes to the domain.
From Azure Cloud Shell, you discover that you cannot query the custom attributes of users.
You need to ensure that the custom attributes are available in Microsoft Entra ID.
Which task should you perform from Microsoft Entra Connect first?
正解:C
解答を投票する
You have servers that have the DNS Server role installed. The servers are configured as shown in the following table.
All the client computers in the New York office use Server2 as the DNS server.
You need to configure name resolution in the New York office to meet the following requirements:
* Ensure that the client computers in New York can resolve names from contoso.com.
* Ensure that Server2 forwards all DNS queries for internet hosts to 131. 107.100.200.
The solution must NOT require modifications to Server1.
Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
All the client computers in the New York office use Server2 as the DNS server.
You need to configure name resolution in the New York office to meet the following requirements:
* Ensure that the client computers in New York can resolve names from contoso.com.
* Ensure that Server2 forwards all DNS queries for internet hosts to 131. 107.100.200.
The solution must NOT require modifications to Server1.
Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
正解:A,B
解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
You have a server named Server1 that runs Windows Server and has the Hyper-V server role installed.
Server1 contains a virtual machine named VM1 that runs Windows Server.
You need to install the Hyper-V server role on VM1.
Which PowerShell command should you run first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Server1 contains a virtual machine named VM1 that runs Windows Server.
You need to install the Hyper-V server role on VM1.
Which PowerShell command should you run first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
You have a server named Server1 that runs Windows Server and has the Hyper-V server role installed.
You need 10 limit which Hyper-V module cmdlets helpdesk users can use when administering Server 1 remotely.
You configure Just Enough Administration (JEA) and successfully build the role capabilities and session configuration files.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need 10 limit which Hyper-V module cmdlets helpdesk users can use when administering Server 1 remotely.
You configure Just Enough Administration (JEA) and successfully build the role capabilities and session configuration files.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Reference:
https://docs.microsoft.com/en-us/powershell/scripting/learn/remoting/jea/register-jea?view=powershell-7.2
You have a Windows Server 2022 container host named Host1 that has the Subsystem for Linux installed and the container images shown in the following table.
You need to deploy the images to Host1. The solution must maximize the isolation of the containers.
Which images can you run by using process isolation, and which images can you run by using Hyper-V isolation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You need to deploy the images to Host1. The solution must maximize the isolation of the containers.
Which images can you run by using process isolation, and which images can you run by using Hyper-V isolation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Your network contains an Active Directory domain named contoso.com. The domain contains group managed service accounts (gMSAs). You have a server named Server1 that runs Windows Server and is in a workgroup. Server! hosts Windows containers.
You need to ensure that the Windows containers can authenticate to contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
You need to ensure that the Windows containers can authenticate to contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
Explanation:
Which groups can you add to Group3 and Group5? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/active-directory- security-groups
Task 11
You need to ensure that all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server.
You need to ensure that all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server.
正解:
See the solution of this Task below.
Explanation:
One possible solution to ensure that all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server is to use the DHCP scope options. DHCP scope options are settings that apply to all DHCP clients that obtain an IP address from a specific scope. You can use the DHCP scope options to specify the DNS server IP address, as well as other parameters such as the default gateway, the domain name, and the DNS suffix. Here are the steps to configure the DHCP scope options on SRV1:
* On SRV1, open DNS Manager from the Administrative Tools menu or by typing dnsmgmt.msc in the Run box.
* In the left pane, expand your DHCP server and click on IPv4.
* In the right pane, right-click on the scope that you want to configure and select Properties.
* In the Scope Properties dialog box, click on the DNS tab.
* Check the box Enable DNS dynamic updates according to the settings below. This option allows the DHCP server to register and update the DNS records for the DHCP clients.
* Select the option Always dynamically update DNS records. This option ensures that the DHCP server updates both the A and PTR records for the DHCP clients, regardless of whether they request or support dynamic updates.
* Check the box Discard A and PTR records when lease is deleted. This option allows the DHCP server to delete the DNS records for the DHCP clients when their leases expire or are released.
* Check the box Dynamically update DNS records for DHCP clients that do not request updates.
This option allows the DHCP server to update the DNS records for the DHCP clients that do not support dynamic updates, such as legacy or non-Windows clients.
* In the DNS servers section, click on the Add button to add a new DNS server IP address.
* In the Add Server dialog box, enter the IP address of DC1, which is the DNS server that you want to use for the DHCP clients, and click Add.
* Click OK to close the Add Server dialog box and return to the Scope Properties dialog box.
* Click OK to apply the changes and close the Scope Properties dialog box.
Now, all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server. You can verify the DNS configuration by using the ipconfig /all command on a DHCP client computer and checking the DNS Servers entry. You can also check the DNS records for the DHCP clients by using the DNS Manager console on DC1.
Explanation:
One possible solution to ensure that all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server is to use the DHCP scope options. DHCP scope options are settings that apply to all DHCP clients that obtain an IP address from a specific scope. You can use the DHCP scope options to specify the DNS server IP address, as well as other parameters such as the default gateway, the domain name, and the DNS suffix. Here are the steps to configure the DHCP scope options on SRV1:
* On SRV1, open DNS Manager from the Administrative Tools menu or by typing dnsmgmt.msc in the Run box.
* In the left pane, expand your DHCP server and click on IPv4.
* In the right pane, right-click on the scope that you want to configure and select Properties.
* In the Scope Properties dialog box, click on the DNS tab.
* Check the box Enable DNS dynamic updates according to the settings below. This option allows the DHCP server to register and update the DNS records for the DHCP clients.
* Select the option Always dynamically update DNS records. This option ensures that the DHCP server updates both the A and PTR records for the DHCP clients, regardless of whether they request or support dynamic updates.
* Check the box Discard A and PTR records when lease is deleted. This option allows the DHCP server to delete the DNS records for the DHCP clients when their leases expire or are released.
* Check the box Dynamically update DNS records for DHCP clients that do not request updates.
This option allows the DHCP server to update the DNS records for the DHCP clients that do not support dynamic updates, such as legacy or non-Windows clients.
* In the DNS servers section, click on the Add button to add a new DNS server IP address.
* In the Add Server dialog box, enter the IP address of DC1, which is the DNS server that you want to use for the DHCP clients, and click Add.
* Click OK to close the Add Server dialog box and return to the Scope Properties dialog box.
* Click OK to apply the changes and close the Scope Properties dialog box.
Now, all DHCP clients that get an IP address from SRV1 will be configured to use DC1 as a DNS server. You can verify the DNS configuration by using the ipconfig /all command on a DHCP client computer and checking the DNS Servers entry. You can also check the DNS records for the DHCP clients by using the DNS Manager console on DC1.
You have two servers that have the Hyper-V server role installed. The servers are joined to a failover cluster both servers can connect to the same disk on an iSCSi storage device. You plan to use the iSCSI storage to store highly available Hyper-V virtual machines that will support live migration functionality. You need to configure a storage resource in the failover cluster to store the virtual machines.
What should you configure?
What should you configure?
正解:D
解答を投票する