B.3.2 AZ-800 Domain 2: Manage Windows Servers and Workloads in A Hybrid Environment
You are using Azure Arc to manage virtual machine extensions. Which of the following BEST describes virtual machine extensions?
Small applications that provide post-deployment configurations such as installing a specific program or service.
Which of the following Windows 11 interface components is designed to provide information such as local weather, trending news, and options to personalize the news feed and interests?
Widgets
Which of the following services must be enabled and set to auto-start for PowerShell remoting to work?
Windows Remote Management (Win-RM) service
After completing a Server Core deployment on a new server, you need to prepare the server to be joined to an Active Directory domain by completing the following tasks: Change the name of the computer to something that fits your server naming rules. Set the time and time zone to match your local time zone. Assign a static IP address to the server. Which of the following is a server configuration utility you can use to perform these tasks?
sconfig
An Azure Connected Machine agent sends a heartbeat message to the Azure Arc service. Which port would need to be allowed through the firewall for the message to be received?
443
Which of the following BEST describes a Kubernetes cluster?
A group of containerized applications.
Drag the type of server software listed on the left to its appropriate description on the right.
A set of software features that provides a specific server function. Role A software program that adds functionality to all server functions. Feature A specific program that adds functions to a role. Role service
After installing Windows Server, the computer will have several settings that were configured during installation by default. These settings can be seen on the Local Server Properties page. Which of the following local server properties will you most likely need to configure? (Select two.)
A static IP address for Ethernet0. The time zone that matches the server's location.
Which of the following are installed by default with Windows Server Core? (Select two.)
Active Directory Domain Services DHCP Server
Which of the following are available server roles with Windows Server 2022? (Select two.)
Active Directory Domain Services Print and Document Services
Which of the following enables an organization to share identity information outside its network?
Active Directory Federation Services
Your manager has asked you to install the Web Server (IIS) role on one of your Windows Server 2022 systems so it can host an internal website. Which Windows feature can you use to do this?
Add Roles and Features
Immediately after installing Windows Server, you use the Server Manager to do which of the following? (Select two)
Add roles and features Configure the local server
When assigning a policy in the Azure portal, you are asked to specify the scope and any exclusions. Which of the following describes the scope?
Allows the policy to be limited to a particular resource group.
The notification area is available at the right end of the taskbar on the Windows desktop. Which of the following does the notification area display? (Select three)
Application icons The current date and time System management icons for networks, sound volume, and removable devices
For the most part, the server role will dictate whether a Server Core deployment is appropriate. Which of the following instances would not benefit from the smaller footprint and increased performance offered by Server Core?
Application server
After completing a server core deployment on a new server, you prepare the server to be joined to an Active Directory domain by completing the following tasks: Change the name of the computer to something that fits your server naming rules. Set the time and time zone to match your local time zone. Which of the following tasks should you still perform before joining the server to the domain?
Assign a static IP address to the server.
You want to monitor processor and memory utilization on Srv4. You create a single data collector set configured to save log files daily. You add the processor and memory data collectors to the data collector set. After running the data collector set for several days, you have several separate log files. You would like to compare the statistics for the first day with the statistics reported for the last day. In particular, you would like to be able to see a single graph that lines up the processor utilization on an hour-by-hour basis. What should you do?
At a command prompt, run Perfmon /sys multiple times to open a view of each log file. Use the Compare option to transparently overlay each log onto the first log.
You are using Azure Arc to monitor the health and performance of your network resources and gather and analyze log files. Which of the following Azure Arc tools are you using to perform these tasks?
Azure Monitor
Which role or feature protects a server by encrypting the operating system volume and verifying the integrity of other startup components?
BitLocker Drive Encryption
You have completed the installation of Windows Server 2022. Which of the following tasks is best to perform before joining the server to an Active Directory domain?
Change the computer name.
Azure Policy can be used to apply the Desired State Configuration (DSC) for all Azure VMs, and Azure Arc-enabled servers. The Desired State Configuration defines what software should be installed and what customizations should be applied to these resources. Using Azure Policy to define and apply the DSC ensures that these resources will remain in compliance and avoids which of the following?
Configuration drift
You have a PowerShell script that starts a remote session on server, and then attempts to connect to a second computer to pull some necessary files for the script to complete successfully. However, this prevents Kerberos from passing along your credentials to the second machine and the script fails. This is known as a Kerberos second hop issue. You want to resolve the issue by caching your credentials on the first server so they can be encrypted and sent to the second server. Which of the following second hop solutions meets your requirements?
Credential Security Support Provider (CredSSP)
When assigning a policy, a required field specifies the policy definition. What are the two ways to assign a policy definition? (Select two.)
Custom policy definitions Build-in policy definitions
The first screen that you see when logging into the Azure Portal is the Azure Home page, which cannot be customized. What can you select as an alternative default view that can be customized?
Dashboard
Which of the following are roles of Remote Access? (Select two.)
DirectAccess and VPN (RAS) Web Application Proxy
The network administrator for CorpNet.xyz needs to start a PowerShell remoting session with an on-premises web server named CorpWeb. What cmdlet do you need to execute? (Include the option and parameters necessary to access the specified server.)
Enter-PSSession -ComputerName CorpWeb
Azure Policy evaluates a network resource when it is created or a policy assignment is updated, created, or assigned to a resource. How often is a resource evaluated after the initial evaluation?
Every 24 hours
As a network administrator, you have just registered two new on-premises servers in Azure Arc. How often will the Azure Connected Machine agent send a heartbeat message from the newly added servers to the Azure Arc service?
Every 5 minutes.
Which Windows Admin Center installation type is similar to a gateway server installation?
Failover cluster installation
You want to install Windows Admin Center (WAC) on your server cluster to make sure you always have access to the management system. Which of the following WAC installation types would work BEST for you?
Failover cluster installation
Which of the following are benefits of enrolling SQL databases into Azure Arc? (Select two.)
Flexible scaling options A platform as a service experience
Windows Admin Center Gateway server was recently installed, and you want to access the web portal. Which web browsers are supported? (Select two.)
Google Chrome Microsoft Edge
Which of the following are options available from the Power button at the bottom left of the Start menu? (Select three.)
Hibernate Restart Sleep
You are troubleshooting a custom application on a Windows server named Srv4. Periodically the application writes or modifies several registry entries. You want to monitor these registry keys so that you can create a report that shows their corresponding settings over the next five days. What should you do?
In Performance Monitor, define a configuration data collector.
You are the administrator for westsim.com. You have recently installed Windows Server on new hardware in your environment. You have been experiencing a hardware problem with this new server, so you open Reliability Monitor to view your server's reliability and problem history in the hope of identifying the problem. Unfortunately, you find that no reliability information has been collected. What should you do?
In Task Scheduler, enable the One time trigger in the RacTask task.
You want to monitor memory statistics on your Windows server named Srv12. You want the monitor to run continuously, saving an hour's worth of data in a new file. In Performance Monitor, you create a new data collector set and add the required data collectors for the statistics you want to monitor. In the data collector set properties, you select When a limit is reached, restart the data collector set and configure a limit of 1 hour. You manually start the data collector set. The next day, you view the report. There is a single file, and its contents show data for only the first minute after you started the data collector set. What should you do to capture the data as desired?
In the data collector set, set the overall duration to zero seconds.
Which of the following are drawbacks to the client-server model?
Increased knowledge required to manage the implementation. Increased implementation cost due to specialized hardware and software requirements.
Match the Windows Admin Center installation type on the left with the correct description on the right. (Each installation type may be used once, more than once, or not at all.)
Installed on a local Windows 10 client machine with connectivity to the managed servers. Local client installation Installed on a server that exists between the managed client and managed servers. Gateway server installation Installed directly on a managed server. Managed server installation Installed on a high availability server. Failover cluster installation Installed directly on a managed client and all managed servers. blank Installed on the Domain Controller for a failover cluster. blank
As the network administrator, you have implemented Kubernetes Clusters. You want to use Azure Arc to simplify the management of these clusters. Which of the following management capabilities does Azure Arc provide to control the cluster configuration and workloads? (Drag Kubernetes Clusters on the left to each applicable capability on the right. There may be some listed capabilities that do not apply.)
Inventory Kubernetes Clusters Policy compliance Kubernetes Clusters User access Kubernetes Clusters Monitoring Kubernetes Clusters Security Kubernetes Clusters
Which of the following are TRUE about the PowerShell in Windows? (Select two)
It is built on the .NET Framework. It uses commands called cmdlets.
Which of the following formats is used to create the Azure Policy definitions?
JavaScript Object Notation (JSON)
You have a PowerShell script that starts a remote session on server, and then attempts to connect to a second computer to pull some necessary files for the script to complete successfully. However, this prevents Kerberos from passing along your credentials to the second machine and the script fails. This is known as a Kerberos second hop issue. You want to resolve the issue by specifying what cmdlets and permissions you (and other network admins) can have access to in PowerShell. Which of the following second hop solutions meets your requirements?
Just Enough Administration (JEA)
Which of the following are drawbacks to the workgroup model?
Lack of centralized authentication. Lack of centralized configuration control.
Which Windows Admin Center (WAC) installation type works BEST for testing and small-scale deployments?
Local client installation
Azure policy definitions are defined and applied to Azure resources. Which items on the right can a policy definition be assigned to, and which cannot have a policy definition assigned? (Each item on the left may be used more than once.)
Management groups Policy definitions can be assigned. Subscriptions Policy definitions can be assigned. Resource groups Policy definitions can be assigned. Azure VMs and Arc-enabled servers Policy definitions can be assigned. Workspaces Policy definitions cannot be assigned. App Services Policy definitions cannot be assigned.
You are viewing different data types in line graphs and pinning these graphs to the Azure Dashboard. Which type of Azure Monitor data is being used to create the line graphs?
Metrics
You are using Azure Arc to collect data from all network resources, detect and investigate threats using AI, and respond to incidents rapidly. Which of the following Azure Arc tools are you using to perform these tasks?
Microsoft Sentinel
You are the network administrator for corpnet.com. corpnet.com uses a vendor named partner.com. You create a cross-forest trust with Selective Authentication between the corpnet.com Active Directory forest and the partner.com Active Directory forest. On a file server named File1, you create a share named Share1 and assign the following permissions: Partner\SalesUsers - Allow-Modify NTFS permissions. Partner\SalesUsers - Allow-Full Control share permissions. Users in the Partner\SalesUsers group report that they cannot connect to the \\File1\Share1 share. You need to ensure that users in the Partner\SalesUsers group can connect to the share and modify data. What should you do?
Modify the properties of the File1 computer account in Active Directory Users and Computers.
Which of the following BEST describes Azure Monitor?
Monitors and collects data from hybrid network resources such as applications, containers, and virtual machines.
Which of the following server roles cannot be added to a Windows Server 2016 Server Core deployment?
Network Policy and Access Services (NPAS)
When assigning a policy to a newly created resource, does a remediation task need to be specified?
No. The policy will take effect on newly created resources.
You have a Windows server named Srv9 running Server Core. You want to view the current operating statistics of Srv9 from another Windows Server named Srv3. From Srv3, you open Performance Monitor and try to connect to Srv9. You get the following error: When attempting to connect to the remote computer the following system error occurred: The RPC server is unavailable. What should you do?
On Srv9, start the Remote Registry service. Try the connection again from Srv3.
You want to monitor the processor utilization on your Windows server named Srv12. You want to generate a report that shows the processor utilization on the server over the next three days, capturing utilization data every five minutes. You want to save all data from the report in a single file. What should you do? (Select two. Each choice is a required part of the solution.)
On the Performance Counters tab for the data collector, configure a sample interval of five minutes. On the Stop Condition tab for the data collector set, configure an overall duration of three days. Create a new data collector set with a performance counter data collector.
You have been hired as a consultant for a small business using Windows Server. Three months ago, they installed a new server. Since that time, they report that from time to time, the system has had slowdowns and crashes. You want to look at a report that shows important events for the server since it was installed. You'd like to see when software was installed and any hardware or application failures. You want to view this information with as little effort as possible. What should you do?
Open the System Stability chart in Reliability Monitor.
You want to monitor the processor utilization on your Windows server named Srv12. You want an email notification every time the processor utilization exceeds 90%. You create a new Data Collector set in Performance Monitor. What type of Data Collector should you create?
Performance counter alert
As part of the Windows Admin Center (WAC) configuration process, target computers need to be added. Which of the following target servers can be managed using WAC? (Each item may be used once, more than once, or not at all.)
Physical servers Managed by Windows Admin Center Azure based servers Managed by Windows Admin Center Hyper-V virtual servers Managed by Windows Admin Center Server clusters Managed by Windows Admin Center Hyper-Converged Infrastructure Managed by Windows Admin Center
Windows Admin Center (WAC) can be integrated with Azure Hybrid Services, allowing WAC to be accessed through the Azure portal. Many Azure tools can be consolidated into one central location, which allows Azure virtual machines to be created directly from WAC. Which tool can you use to perform these tasks through WAC?
PowerShell
You've been assigned to manage a Windows Server system named AccServer. This server was deployed using a Server Core installation. You need to make several configuration changes to the system. Which utility could you use to do this?
PowerShell
A network administrator needs to run a command or set of commands on a remote machine and get the results back quickly without establishing a Remote Desktop session. Which of the follow is the BEST choice to accomplish this task? (Select two.)
PowerShell cmdlets PowerShell scripts
You are preparing to install Windows Server 2022 Standard Edition on a new server. The server has the following hardware. Which component will need to be upgraded to fully support the operating system? 1.4 GHz 32-bit processor PCI Express network adapter with 1 gigabit per second throughput 2 TB hard drive with a 64 GB system partition. 6 GB RAM
Processor
Your network is utilizing Windows Active Directory and Kerberos. You have a PowerShell script that performs several tasks using PowerShell remoting. You want to resolve any second hop issues by configuring delegation on a server object instead of on an account. Which of the following Kerberos delegation types would you need to use?
Resource-based delegation
As an IT administrator, you want to access the Computer Management utility from the Start menu on an employee's desktop. How would you access this advanced feature?
Right-click the Start button.
Which of the following resources can you access from the page header in the Azure interface? (Select 3)
Search bar, Global controls, Your account
Windows includes software programs that are not directly related to a server role but add functionality to the entire server. These include management tools, communication protocols, and clustering support. What are these programs called?
Server roles
After completing a Server Core deployment on a new server, you need to prepare the server to join an Active Directory domain and then join it to the domain. Drag the commands on the left to the task they can be used to complete on the right. (Each command may be used once, more than once, or not at all.)
Set the time and time zone control Assign a static IP address netsh Change the name of the computer netdom Join the server to a domain netdom
After completing a Server Core deployment on a new server, you are preparing the server to join an Active Directory domain using PowerShell cmdlets. Drag the commands on the left to the task they can be used to complete on the right. (Each command may be used once, more than once, or not at all.)
Set the time zone Set-TimeZone Assign a static IP address New-NetIPAddress Change the name of the computer Rename-Computer Set the system time Set-Date
Policies can be assigned using Azure Arc. What ways can a policy be applied to Arc servers? (Select two.)
Specific servers Universally
Which of the following are features or benefits specific to a Windows Server 2022 Server Core deployment? (Select two.)
Stable environment Reduced system requirements
When installing Windows Admin Center, which inbound and outbound ports should be opened on the firewall? (Select two.)
TCP Port 443 Outbound Port 445 Inbound
After you install Windows Server 2022, you must activate the server if you want to receive updates from Microsoft to keep your server secure and running smoothly. You have a 30-day grace period in which to activate the server. The vendor who sold the Windows Server license should provide a piece of information that you need to activate your installation. Which of the following do you need to activate your Windows server?
The product key
You have just registered two Linux virtual servers that you want to manage using Azure Arc. Which of the following happened during the registration process to make these servers manageable by Azure Arc? (Select two.)
The servers were placed into a resource group inside an Azure subscription. The servers were assigned Resource IDs.
You have been hired as a consultant for a small business using Windows Server. Over the past week, the system has become unstable. You check the System Stability chart in Reliability Monitor and find the following information for the stability index each day: Monday = 9.19 Tuesday = 5.2 Wednesday = 6.4 Thursday = 8.7 Friday = 7.5 You want to look at information for the day that indicates the least stability. Which day would you look at first?
Tuesday
During the installation of Windows Server, several properties of the local server are configured by default. One of these properties is the time zone. Which time zone is selected for the server by default?
US Pacific
You are the network administrator for westsim.com. The network consists of a single domain. The main office contains a file server named FS1. You need to determine whether the page file on FS1 has been set to the optimal size. What should you do?
Use Performance Monitor to monitor the Paging File, %Usage counter.
You are installing Windows Server 2022 on a system that has a used hard drive that contains important data. The hard drive does not contain any operating system files. Which steps must you perform to complete this installation and save the data? (Select two.)
Use the Custom installation type. Back up the data to another drive.
You have recently upgraded your laptop computer from Windows 10 to Windows 11. What new features are available to you in Windows 11? (Select two)
Virtual desktops Teams
Once policies have been defined and configured, Azure Policy is used to audit network resources for compliance using the Guest Configuration policy. Which of the following ways can the policy be deployed? (Select two.)
Virtual machines use the Guest configuration VM extension. Azure Arc servers have the client installed.
Which of the following methods are used to deploy DSC using Azure Policy? (Select two.)
Virtual machines using a VM extension. Arc-enabled servers using PowerShell to deploy the DSC.
Which of the following is a disk imaging solution that you can use for remote deployment and automated installation of Microsoft Windows operating systems?
Windows Deployment Services
You are the administrator of a hybrid server environment. You have a Windows Server 2012 machine you are planning to use to install Windows Admin Center. Which of the following do you need to update before installation?
Windows Management Framework (WMF)
Which server edition supports an unlimited Storage Replica?
Windows Server 2022 Datacenter Server Core
Which server edition supports an unlimited number of VMs?
Windows Server 2022 Datacenter Server Core
Which server edition requires the least amount of system resources to install?
Windows Server 2022 Standard
Which of the following are available features with Windows Server 2022? (Select two.)
Windows Server Backup BitLocker Drive Encryption
Which server edition supports up to 25 users and 50 devices?
Windows server 2022 Essentials
After selecting an Azure resource, where are the details and information for the selected resource displayed?
Working pane
When a PowerShell remoting session involves a second hop to pull files from a second computer, Kerberos is unable to pass the administrator's credentials to the second machine. This is known as the Kerberos second hop problem. There are several solutions available for this type of issue. Match the solution on the left with the definition on the right.
Works with Active Directory and is more secure than CredSSP but is more complicated. Kerberos delegation Used on the remote server to provide the necessary credentials and effectively ignores the second hop issue. RunAsCredential parameter Passes the credentials to the remote server but requires some awkward syntax and is not ideal for running multiple commands. Invoke-Command script block Limits which cmdlets and permissions a user will have access to in PowerShell. Is configured on every server along the path. Just Enough Administration (JEA) Caches the credentials on the remote server and passes encrypted credentials to the second server. Credential Security Support Provider (CredSSP)
A network administrator is configuring PowerShell remoting to access a Windows 2008 server. What cmdlet must be executed on the remote server before PowerShell remoting can be used?
enable-PSRemoting
You want to monitor processor and memory utilization on Srv4. You create a single data collector set configured to save log files daily. You add the processor and memory data collectors to the data collector set. After running the data collector set for several days, you have several separate log files. You would like to combine the multiple files into a single view so you can see a graphic in Performance Monitor for the entire time period. What should you do? (Select two. Each choice is a possible solution.)
in performance monitor, use the view log data option to select all log files in the range. expand the date range to include all log files. at a command prompt, run the relog command. open the resulting log in performance monitor.
You want to monitor memory statistics on your Windows server named Srv12. You want the monitor to run continuously and create a new log file every hour. In Performance Monitor, you create a new data collector set and add the required data collectors for the statistics you want to monitor. How should you complete the configuration? (Select two. Each choice is a required part of the solution.)
in the data collector set properties, deselect overall duration. In the Data Collector Set properties, select When a limit is reached, restart the data collector set and configure a limit of one hour.
You want to install Windows Admin Center (WAC) directly onto one of the managed servers to remotely manage the server as well as the cluster it belongs to. Which WAC installation type would work BEST to meet your requirements?
managed server installation
Which commands could you use to join a computer to a domain? (Select two.)
netdom Add-Computer
You are at the PowerShell command line, and you need to enter the command that will remove the Telnet Client feature from the server. Use the drop-down list to fill in the blank with the part of the command that is missing: _______________________ -Name Telnet-Client -Restart
remove-windowsfeature
You are using Azure Automation to run scripts with your onboarded Azure Arc network resources. What are you using to define the scripts and steps needed to complete a specific Azure Automation task?
runbook
Which of the following BEST describes the stand-alone model?
Communication takes place using a commonly available public network, such as the internet.
You want to assign a new IP address to a network interface. Which command should you use?
New-NetIPAddress
A network administrator wants to create a session configuration that will protect the computer and prevent unauthorized access while using PowerShell remoting. What command cmdlet is used to create a new session configuration file?
New-PSSessionConfigurationFile
Which of the following occurs when you execute the Enable_PSRemoting cmdlet? (Select two.)
PowerShell session endpoints are defined. An HTTP listener is defined on the remote machine.
To save disk space on your Windows Server 2022 system, you decide to remove unneeded roles and features. Which Windows feature can you use to do this?
Remove Roles and Features