최신 AZ-800 무료덤프 - Microsoft Administering Windows Server Hybrid Core Infrastructure
You have an Azure Active Directory Domain Services (Azure AD DS) domain.
You create a new user named Admin1.
You need Admin1 to deploy custom Group Policy settings to all the computers in the domain. The solution must use the principle of least privilege.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point
You create a new user named Admin1.
You need Admin1 to deploy custom Group Policy settings to all the computers in the domain. The solution must use the principle of least privilege.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point
정답:
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy
Task 12
You need to create a Group Policy Object (GPO) named GPO1 that only applies to a group named MemberServers.
You need to create a Group Policy Object (GPO) named GPO1 that only applies to a group named MemberServers.
정답:
See the solution of this Task below.
Explanation:
To create a GPO named GPO1 that only applies to a group named MemberServers, you can follow these steps:
* On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open Group Policy Management from the Administrative Tools menu or by typing gpmc.
msc in the Run box.
* In the left pane, expand your domain and right-click on Group Policy Objects. Select New to create a new GPO.
* In the New GPO dialog box, enter GPO1 as the Name of the new GPO and click OK. You can also optionally select a source GPO to copy the settings from.
* Right-click on the new GPO and select Edit to open the Group Policy Management Editor. Here, you can configure the settings that you want to apply to the group under the Computer Configuration and User Configuration nodes. For more information on how to edit a GPO, see Edit a Group Policy Object.
* Close the Group Policy Management Editor and return to the Group Policy Management console. Right- click on the new GPO and select Scope. Here, you can specify the scope of management for the GPO, such as the links, security filtering, and WMI filtering.
* Under the Security Filtering section, click on Authenticated Users and then click on Remove. This will remove the default permission granted to all authenticated users and computers to apply the GPO.
* Click on Add and then type the name of the group that you want to apply the GPO to, such as MemberServers. Click OK to add the group to the security filter. You can also click on Advanced to browse the list of groups available in the domain.
* Optionally, you can also configure the WMI Filtering section to further filter the GPO based on the Windows Management Instrumentation (WMI) queries. For more information on how to use WMI filtering, see Filter the scope of a GPO by using WMI filters.
* To link the GPO to an organizational unit (OU) or a domain, right-click on the OU or the domain in the left pane and select Link an Existing GPO. Select the GPO that you created, such as GPO1, and click OK. You can also change the order of preference by using the Move Up and Move Down buttons.
* Wait for the changes to replicate to other domain controllers. You can also force the update of the GPO by using the gpupdate /force command on the domain controller or the client computers. For more information on how to update a GPO, see Update a Group Policy Object.
Now, you have created a GPO named GPO1 that only applies to a group named MemberServers. You can verify the GPO application by using the gpresult /r command on a member server and checking the Applied Group Policy Objects entry. You can also use the Group Policy Results wizard in the Group Policy Management console to generate a report of the GPO application for a specific computer or user. For more information on how to use the Group Policy Results wizard, see Use the Group Policy Results Wizard.
Explanation:
To create a GPO named GPO1 that only applies to a group named MemberServers, you can follow these steps:
* On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open Group Policy Management from the Administrative Tools menu or by typing gpmc.
msc in the Run box.
* In the left pane, expand your domain and right-click on Group Policy Objects. Select New to create a new GPO.
* In the New GPO dialog box, enter GPO1 as the Name of the new GPO and click OK. You can also optionally select a source GPO to copy the settings from.
* Right-click on the new GPO and select Edit to open the Group Policy Management Editor. Here, you can configure the settings that you want to apply to the group under the Computer Configuration and User Configuration nodes. For more information on how to edit a GPO, see Edit a Group Policy Object.
* Close the Group Policy Management Editor and return to the Group Policy Management console. Right- click on the new GPO and select Scope. Here, you can specify the scope of management for the GPO, such as the links, security filtering, and WMI filtering.
* Under the Security Filtering section, click on Authenticated Users and then click on Remove. This will remove the default permission granted to all authenticated users and computers to apply the GPO.
* Click on Add and then type the name of the group that you want to apply the GPO to, such as MemberServers. Click OK to add the group to the security filter. You can also click on Advanced to browse the list of groups available in the domain.
* Optionally, you can also configure the WMI Filtering section to further filter the GPO based on the Windows Management Instrumentation (WMI) queries. For more information on how to use WMI filtering, see Filter the scope of a GPO by using WMI filters.
* To link the GPO to an organizational unit (OU) or a domain, right-click on the OU or the domain in the left pane and select Link an Existing GPO. Select the GPO that you created, such as GPO1, and click OK. You can also change the order of preference by using the Move Up and Move Down buttons.
* Wait for the changes to replicate to other domain controllers. You can also force the update of the GPO by using the gpupdate /force command on the domain controller or the client computers. For more information on how to update a GPO, see Update a Group Policy Object.
Now, you have created a GPO named GPO1 that only applies to a group named MemberServers. You can verify the GPO application by using the gpresult /r command on a member server and checking the Applied Group Policy Objects entry. You can also use the Group Policy Results wizard in the Group Policy Management console to generate a report of the GPO application for a specific computer or user. For more information on how to use the Group Policy Results wizard, see Use the Group Policy Results Wizard.
You have an Azure virtual machine named Served that runs a network management application. Server1 has the following network configurations:
* Network interface: Nic1
* IP address. 10.1.1.1/24
* Connected to: VnetVSubnet1
You need to connect Server1 to an additional subnet named Vnet1/Subnet2.
What should you do?
* Network interface: Nic1
* IP address. 10.1.1.1/24
* Connected to: VnetVSubnet1
You need to connect Server1 to an additional subnet named Vnet1/Subnet2.
What should you do?
정답: A
You haw an Azure virtual machine named VM1 that runs Windows Server
You need to configure the management of VM1 to meet the following requirements:
* Require administrators to request access to VM1 before establishing a Remote Desktop connection.
* Limit access to VM1 from specific source IP addresses.
* Limit access to VMI to a specific management port
What should you configure?
You need to configure the management of VM1 to meet the following requirements:
* Require administrators to request access to VM1 before establishing a Remote Desktop connection.
* Limit access to VM1 from specific source IP addresses.
* Limit access to VMI to a specific management port
What should you configure?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
Your network contains two VLANs for client computers and one VLAN for a datacenter Each VLAN is assigned an IPv4 subnet Currently, all the client computers use static IP addresses.
You plan to deploy a DHCP server to the VLAN in the datacenter.
You need to use the DHCP server to provide IP configurations to all the client computers.
What is the minimum number of scopes and DHCP relays you should create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to deploy a DHCP server to the VLAN in the datacenter.
You need to use the DHCP server to provide IP configurations to all the client computers.
What is the minimum number of scopes and DHCP relays you should create? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Box 1: 3
You need a DHCP scope for each of the three subnets.
Box 2: 2
The two client VLANs need a DHCP Relay Agent to forward DHCP requests to the DHCP server. The datacenter VLAN that contains the DHCP server does not require a DHCP Relay Agent.
Your network contains an Active Directory Domain Services (AD DS) domain named conioso.com.
You need to identify which server is the PDC emulator for the domain.
Solution: from Active Directory Users and Computers, you right-click contoso.com in the console tree, and then select Operations Master Does this meet the goal?
You need to identify which server is the PDC emulator for the domain.
Solution: from Active Directory Users and Computers, you right-click contoso.com in the console tree, and then select Operations Master Does this meet the goal?
정답: B
Your network contains an Active Directory Domain Services {AD DS) domain. The domain contains the resources shown in the following table.
You plan to replicate a volume from Server1 to Server2 by using Storage Replica.
You need to configure Storage Replica.
Where should you install Windows Admin Center?
You plan to replicate a volume from Server1 to Server2 by using Storage Replica.
You need to configure Storage Replica.
Where should you install Windows Admin Center?
정답: B
You have a server that runs Windows Server and has the DHCP Server role installed. The server has a scope named Scope! that has the following configurations:
* Address range: 192.168.0.2 to 192.16B.1.2M . Mask 255.255.254.0
* Router: 192.168.0.1
* Lease duration: 3 days
* DNS server 172.16.0.254
You have 50 Microsoft Teams Phone devices from the same vendor. All the devices have MAC addresses within the same range.
You need to ensure that all the Teams Phone devices that receive a lease from Scope1 have IP addresses in the range of 192.168.1.100 to 192.168.1.200. The solution must NOT affect other DHCP clients that receive IP configurations from Scope1.
What should you create?
* Address range: 192.168.0.2 to 192.16B.1.2M . Mask 255.255.254.0
* Router: 192.168.0.1
* Lease duration: 3 days
* DNS server 172.16.0.254
You have 50 Microsoft Teams Phone devices from the same vendor. All the devices have MAC addresses within the same range.
You need to ensure that all the Teams Phone devices that receive a lease from Scope1 have IP addresses in the range of 192.168.1.100 to 192.168.1.200. The solution must NOT affect other DHCP clients that receive IP configurations from Scope1.
What should you create?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You have an Azure virtual machine named VM1 that contains the drives shown in the following table.
On VM1, you plan to install an app named App1. The data for App1 must be stored on a persistent data disk assigned to drive D.
You need assign the data disk to drive D.
What should you do on VM1 first?
On VM1, you plan to install an app named App1. The data for App1 must be stored on a persistent data disk assigned to drive D.
You need assign the data disk to drive D.
What should you do on VM1 first?
정답: D
You need to ensure that data availability on SSPace1 meets the technical requirements.
What is the maximum number of physical disks that can fail on each disk? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
What is the maximum number of physical disks that can fail on each disk? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Your network contains a Active Directory Domain Service (AD DS) forest named contoso.com. The forest root domain contains a server named server1. contoso.com.
A two-way forest trust exists between the contoso.com forest and an AD DS forest named fabrikam.com. The fabrikam.com forest contains 10 child domains.
You need to ensure that only the members of a group named fabrikam\Group1 can authenticate to server1.
contoso.com.
What should you do first?
A two-way forest trust exists between the contoso.com forest and an AD DS forest named fabrikam.com. The fabrikam.com forest contains 10 child domains.
You need to ensure that only the members of a group named fabrikam\Group1 can authenticate to server1.
contoso.com.
What should you do first?
정답: B
You need to implement the planned change for Data1.
Which actions should you perform in sequence? To answer, drag the appropriate actions to the correct order.
Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Which actions should you perform in sequence? To answer, drag the appropriate actions to the correct order.
Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a server named Server1 that runs Windows Server Server1 has a just-a-bunch-of-disks (JBOD) enclosure attached.
You plan to create a storage pool on Server1 and a virtual disk that will use a mirror layout.
You are considering whether to use a two-way or a three-way mirror layout.
What is the minimum number of disks required for each type of minor layout? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to create a storage pool on Server1 and a virtual disk that will use a mirror layout.
You are considering whether to use a two-way or a three-way mirror layout.
What is the minimum number of disks required for each type of minor layout? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
You have a server named Server1 that runs Windows Server and has the Hyper-V server role installed.
Server1 contains a virtual machine named VM1 that runs Windows Server.
You need to install the Hyper-V server role on VM1.
Which PowerShell command should you run first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Server1 contains a virtual machine named VM1 that runs Windows Server.
You need to install the Hyper-V server role on VM1.
Which PowerShell command should you run first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
정답:
Explanation:
Your network contains an Active Directory Domain Services (AD DS) domain.
You have a Group Policy Object (GPO) named GPO1 that contains Group Policy preferences.
You plan to link GPO1 to the domain.
You need to ensure that the preference in GPO1 apply only to domain member servers and NOT to domain controllers or client computers. All the other Group Policy settings in GPO1 must apply to all the computers.
The solution must minimize administrative effort.
Which type of item level targeting should you use?
You have a Group Policy Object (GPO) named GPO1 that contains Group Policy preferences.
You plan to link GPO1 to the domain.
You need to ensure that the preference in GPO1 apply only to domain member servers and NOT to domain controllers or client computers. All the other Group Policy settings in GPO1 must apply to all the computers.
The solution must minimize administrative effort.
Which type of item level targeting should you use?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Task 6
You need to use Azure File Sync 10 replicate the contents of C:\app on SRV1 to an Azure file share named sharel1.
The required source files are located in a folder named \\dc1.contoso.com\install.
You need to use Azure File Sync 10 replicate the contents of C:\app on SRV1 to an Azure file share named sharel1.
The required source files are located in a folder named \\dc1.contoso.com\install.
정답:
See the solution of this Task below.
Explanation:
To use Azure File Sync to replicate the contents of C:\app on SRV1 to an Azure file share named sharel1, with the source files located in \\dc1.contoso.com\install, follow these steps:
Step 1: Prepare Windows Server for Azure File Sync Ensure that SRV1 meets the prerequisites for Azure File Sync, such as having a supported version of Windows Server and PowerShell 5.1 or later1.
Step 2: Deploy the Storage Sync Service In the Azure portal, deploy the Storage Sync Service in the same region as your Azure file share1.
Step 3: Create an Azure File Share Create an Azure file share named sharel1 in your storage account1.
Step 4: Install the Azure File Sync Agent Download and install the Azure File Sync agent on SRV11.
Step 5: Register SRV1 with the Storage Sync Service After installing the agent, register SRV1 with the Storage Sync Service using the Azure portal1.
Step 6: Create a Sync Group and Server Endpoint In the Azure portal, go to your Storage Sync Service and create a new sync group. Add a server endpoint with the path C:\app on SRV12.
Step 7: Configure Cloud Endpoint Add the Azure file share sharel1 as the cloud endpoint to the sync group2.
Step 8: Initiate the Sync Process The initial sync will start automatically after the cloud endpoint and server endpoint are added to the sync group. Ensure that the Azure File Sync agent is running on SRV11.
Step 9: Monitor the Sync Status Monitor the sync status in the Azure portal to ensure that the files are being replicated correctly from C:\app on SRV1 to the Azure file share sharel11.
Note: Make sure that the network connectivity between SRV1 and the Azure file share is established and that the necessary ports are open. Also, verify that the SMB security settings allow for the required SMB protocol version and authentication methods1.
By following these steps, you should be able to replicate the contents of C:\app on SRV1 to the Azure file share sharel1 using Azure File Sync. Ensure that you have the necessary permissions to perform these actions and that SRV1 is properly configured to communicate with Azure services.
Explanation:
To use Azure File Sync to replicate the contents of C:\app on SRV1 to an Azure file share named sharel1, with the source files located in \\dc1.contoso.com\install, follow these steps:
Step 1: Prepare Windows Server for Azure File Sync Ensure that SRV1 meets the prerequisites for Azure File Sync, such as having a supported version of Windows Server and PowerShell 5.1 or later1.
Step 2: Deploy the Storage Sync Service In the Azure portal, deploy the Storage Sync Service in the same region as your Azure file share1.
Step 3: Create an Azure File Share Create an Azure file share named sharel1 in your storage account1.
Step 4: Install the Azure File Sync Agent Download and install the Azure File Sync agent on SRV11.
Step 5: Register SRV1 with the Storage Sync Service After installing the agent, register SRV1 with the Storage Sync Service using the Azure portal1.
Step 6: Create a Sync Group and Server Endpoint In the Azure portal, go to your Storage Sync Service and create a new sync group. Add a server endpoint with the path C:\app on SRV12.
Step 7: Configure Cloud Endpoint Add the Azure file share sharel1 as the cloud endpoint to the sync group2.
Step 8: Initiate the Sync Process The initial sync will start automatically after the cloud endpoint and server endpoint are added to the sync group. Ensure that the Azure File Sync agent is running on SRV11.
Step 9: Monitor the Sync Status Monitor the sync status in the Azure portal to ensure that the files are being replicated correctly from C:\app on SRV1 to the Azure file share sharel11.
Note: Make sure that the network connectivity between SRV1 and the Azure file share is established and that the necessary ports are open. Also, verify that the SMB security settings allow for the required SMB protocol version and authentication methods1.
By following these steps, you should be able to replicate the contents of C:\app on SRV1 to the Azure file share sharel1 using Azure File Sync. Ensure that you have the necessary permissions to perform these actions and that SRV1 is properly configured to communicate with Azure services.
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com.
You need to identify which server is the PDC emulator for the domain.
Solution: From Active Directory Sites and Services, you right-click Default-First-Site-Name in the console tree, and then select Properties.
Does this meet the goal?
You need to identify which server is the PDC emulator for the domain.
Solution: From Active Directory Sites and Services, you right-click Default-First-Site-Name in the console tree, and then select Properties.
Does this meet the goal?
정답: A
You have a server that runs Windows Server 2022 and has the network adapters shown in the following table.
You need to configure NIC learning for LAN2 and LAN3. The solution must support Dynamic Virtual Machine Multi-Queue (d.VMMQ).
What should you use?
You need to configure NIC learning for LAN2 and LAN3. The solution must support Dynamic Virtual Machine Multi-Queue (d.VMMQ).
What should you use?
정답: C