AZ-800 Exam

FREE AZ 800: Administering Windows Server Hybrid Questions and Answers

To modify a deployed VM's configuration, you must execute an Azure VM extension. In order to run Azure VM extensions, which of the following platforms would you choose?

ARM Templates

Azure CLI

PowerShell

Any of the above

Correct! Wrong!

Small-sized programs called Azure VM extensions are used to help with automation chores and post-deployment settings on Azure VMs. PowerShell, Azure CLI, Azure Portal, and the Azure Resource Manager templates portal can all be used to launch Azure VM extensions. You can run Azure Virtual Machine extensions against an existing system or couple them with a new Virtual Machine deployment.

You must permit users to alter Azure AD Connect Health settings, such as email notifications. Which Roles from the list below would you assign to the user? (Select the position with the fewest restrictions that best fits the circumstances and is adequate.)

Contributor

Writer

Owner

Reader

Correct! Wrong!

Access to groups and users other than global administrators is provided by Azure RBAC (Role-based access control) for Azure AD Connect Health. Azure AD Connect Health supports the following built-in roles.

How should a role capability file be set up to determine the precise PowerShell features that are accessible during a Just Enough Administration (JEA) session? Which settings from the options listed below should be selected?

VisibleFunctions

VisibleAliases

VisibleExternalCommands

VisibleCmdlets

Correct! Wrong!

Which PowerShell functions are accessible in a JEA session are specified by the VisibleFunctions parameter. Either list the functions, allowing any combination of arguments and parameter values to be used, or restrict the use of certain parameters and parameter values.

A management tool included into Windows Server called Group Policy enables you to protect user and computer settings. The group policy applies Group Policy items in a particular order. From the available options below, pick the right sequence.

Site-> Local-> Domain-> Organizational Units

Organizational Units-> Domain-> Site-> Local

Local-> Site-> Domain-> Organizational Units

Domain-> Local-> Site-> Organizational Units

Correct! Wrong!

Group Policy Objects (GPOs) from the Site are applied first by the Group Policy Service, then GPOs from the Domain, and finally GPOs from Organization Units.

A Kerberos authentication-based application must be deployed by your firm; on-premises directory services are not necessary. Select the deployment strategy that best fits this situation.

Deploy AD DS only on an Azure VM

You can choose any deployment model. All will have equal performance.

Deploy a separate AD forest that's trusted by domains in their on-premises AD forest

Deploy AD DS in on-premises infrastructure and on an Azure VM

Correct! Wrong!

Applications using Kerberos authentication, but without any on-premises directory service needs.
Greenfield deployments without an existing AD DS environment on-premises

Decommissioning the member hosts from an existing server farm is the duty you have been given. You have to remove group Managed Service Account (gMSA) after removing the member host as part of the procedure. In PowerShell, which of the following cmdlets would you use?

Remove-ADServiceAccount

Uninstall-gMSAAccount

Remove -gMSAAccount

Uninstall-ADServiceAccount

Correct! Wrong!

The Uninstall-ADServiceAccount cmdlet or the NetRemoveServiceAccount API on the host system can be used to remove the cached gMSA credentials from the member host.

The Contoso IT staff wants to make sure that clients on the internal and external networks resolve names to the appropriate internal and external IP addresses. What should they do?

Set up split-horizon DNS by creating a single, private DNS zone in Azure.

Set up split-horizon DNS by creating two DNS zones in Azure—one private and one public, both with the same name.

Set up split-horizon DNS by creating two DNS zones in Azure—one private and one public. The zones must have different names.

None of the above

Correct! Wrong!

In a particular arrangement known as split-horizon DNS, your resources have two primary DNS zones for the same domain that contain information about domain name registration. For name resolution, internal n/w hosts are pointed to one zone while external hosts are pointed to another.

FREE AZ 800: Administering Windows Server Hybrid Questions and Answers

To modify a deployed VM's configuration, you must execute an Azure VM extension. In order to run Azure VM extensions, which of the following platforms would you choose?

You must permit users to alter Azure AD Connect Health settings, such as email notifications. Which Roles from the list below would you assign to the user? (Select the position with the fewest restrictions that best fits the circumstances and is adequate.)

How should a role capability file be set up to determine the precise PowerShell features that are accessible during a Just Enough Administration (JEA) session? Which settings from the options listed below should be selected?

A management tool included into Windows Server called Group Policy enables you to protect user and computer settings. The group policy applies Group Policy items in a particular order. From the available options below, pick the right sequence.

A Kerberos authentication-based application must be deployed by your firm; on-premises directory services are not necessary. Select the deployment strategy that best fits this situation.

Decommissioning the member hosts from an existing server farm is the duty you have been given. You have to remove group Managed Service Account (gMSA) after removing the member host as part of the procedure. In PowerShell, which of the following cmdlets would you use?

The Contoso IT staff wants to make sure that clients on the internal and external networks resolve names to the appropriate internal and external IP addresses. What should they do?

Related Post