Exam AZ-800 All QuestionsBrowse all questions from this exam
Go to Exam
Question 75

HOTSPOT

-

Your on-premises network contains an Active Directory domain named contoso.com and 500 servers that run Windows Server. All the servers are Azure Arc-enabled and joined to contoso.com.

You need to implement PowerShell Desired State Configuration (DSC) on all the servers. The solution must minimize administrative effort.

Where should you store the DSC scripts, and what should you use to apply DSC to the servers? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

    Correct Answer:

Discussion
ala76nl

Correct answer in second part is use virtual machine extensions Here's an overview of the process: You store and compile your DSC scripts in your Azure Automation account. When the scripts are compiled, they become Node Configurations. To apply the DSC configurations to your VMs, you "Onboard" the VMs to Azure Automation DSC. This process involves installing the PowerShell DSC VM extension on the VMs (if it's not already installed), and registering the VMs with the Azure Automation DSC service. As part of the onboarding process, you assign a Node Configuration to each VM. The PowerShell DSC VM extension on each VM then periodically checks with the Azure Automation DSC service, pulls the assigned Node Configuration, and ensures that the VM is configured according to that Node Configuration. The compliance status of each VM (whether it's correctly configured according to its assigned Node Configuration) is then reported back to Azure Automation DSC, and you can view this status in the Azure portal.

Krayzr

Seems like correct Store in: An Azure Automation account: Azure Automation allows you to automate the creation, deployment, monitoring, and maintenance of resources in your Azure environment using a highly scalable and reliable workflow execution engine. It would be the best place to store the DSC scripts as it provides a way to manage configurations at scale using PowerShell DSC. Use: Azure virtual machines extensions: Azure VM extensions are small applications that provide post-deployment configuration and automation tasks on Azure virtual machines. In this case, the DSC extension for Windows will be used to apply the DSC configuration to the servers. This extension is directly integrated with Azure and provides a seamless experience for applying configuration.

MR_Eliot

Box1: 3 Box2: 3 https://learn.microsoft.com/en-us/azure/automation/automation-dsc-overview?source=recommendations Before you enable Automation State Configuration, we would like you to know that a newer version of DSC is now generally available, managed by a feature of Azure Policy named guest configuration. The guest configuration service combines features of DSC Extension, Azure Automation State Configuration, and the most commonly requested features from customer feedback. Guest configuration also includes hybrid machine support through Arc-enabled servers.

Anonymouse1312

you are CORRECT: https://blog.matrixpost.net/infrastructure-as-code-iac-part-5-azure-automanage-machine-configuration-formerly-called-azure-policy-guest-configuration/ https://blog.matrixpost.net/infrastructure-as-code-iac-part-4-azure-automation-state/ In a nutshell, there are/ were two ways: Azure Automation State Configuration - DSC scripts are stored in an Automation Account under “State Configuration (DSC)” - Seems to be deprecated as of October 2023 - Deployment happens after compiling the DSC config file, after which it is ready to be pulled by the server Azure Automanage Machine Configuration - The DSC config file is compiled into a MOF file, packaged, and used by machine configuration to create the Azure Policy definitions - In order for VMs to be automanaged, they must have assigned a system assigned managed identity So, boxes 3/3 are correct because Azure VM extension are not used to APPLY the DSC. They are a prerequisite for it to work

syu31svc

https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-overview https://learn.microsoft.com/en-us/azure/azure-arc/servers/overview https://learn.microsoft.com/en-us/azure/governance/machine-configuration/overview Answer is correct

leegend

Got this question 28-5-23

STFN2019

Correct, ref: https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/dsc-overview

ala76nl

Wrong. You either go for the Azure automation method or by the Azure policy method. So you create a gues configuration package and reference this in a azure policy definition.

lucacose

Azure Automation Account Guest Configuration in Azure policy https://learn.microsoft.com/en-us/azure/automation/automation-dsc-overview?source=recommendations

Mtijnz0r

https://learn.microsoft.com/en-us/azure/automation/automation-dsc-overview Before you enable Automation State Configuration, we would like you to know that a newer version of DSC is now generally available, managed by a feature of Azure Policy named guest configuration. The guest configuration service combines features of DSC Extension, Azure Automation State Configuration, and the most commonly requested features from customer feedback. Guest configuration also includes hybrid machine support through Arc-enabled servers.

Maup33

https://learn.microsoft.com/en-us/azure/automation/automation-dsc-onboarding

Maup33

Azure Policy’s guest configuration feature is in public preview for applying configurations to Azure virtual machines and Arc-enabled machines. Guest configuration is integrated with Azure Security Center, Azure Automanage and will continue to expand. We have listened to your feedback, that it should be easy to configure the state of virtual machines in Azure and machines that are hybrid connected by Azure Arc. Top priorities include regulatory, security and operational compliance. Using guest configuration, you can apply configurations provided by Microsoft, or create your own configuration packages using PowerShell DSC version 3.