Configuring Windows Server Hybrid Advanced Services

Here you have the best Microsoft AZ-801 practice exam questions

  • You have 313 total questions across 63 pages (5 per page)
  • These questions were last updated on March 16, 2026
  • This site is not affiliated with or endorsed by Microsoft.
Question 1 of 313
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server.
You need to ensure that only specific applications can modify the data in protected folders on Server1.
Solution: From Virus & threat protection, you configure Controlled folder access.
Does this meet the goal?
Answer

Suggested Answer

The suggested answer is A.

Controlled folder access in Windows Security is designed to protect folders from unauthorized changes by allowing only trusted applications to access the folders. This feature helps protect data from malicious apps and threats, such as ransomware. By configuring Controlled folder access, you can specify which applications are allowed to make changes to the data in the protected folders, meeting the goal of ensuring that only specific applications can modify the data.

Community Votes24 votes
ASuggested
92%
B
8%
Question 2 of 313
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server.
You need to ensure that only specific applications can modify the data in protected folders on Server1.
Solution: From Virus & threat protection, you configure Tamper Protection
Does this meet the goal?
Answer

Suggested Answer

The suggested answer is B.

Configuring Tamper Protection from Virus & threat protection is intended to prevent malicious applications from altering Microsoft Defender Antivirus settings. It does not restrict specific applications from modifying data in protected folders. To achieve the goal of allowing only specific applications to modify data in protected folders, you should configure Controlled folder access instead.

Community Votes11 votes
BSuggested
100%
Question 3 of 313
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server.
You need to ensure that only specific applications can modify the data in protected folders on Server1.
Solution: From App & browser control, you configure the Exploit protection settings.
Does this meet the goal?
Answer

Suggested Answer

The suggested answer is B.

Configuring Exploit protection settings from App & browser control does not specifically ensure that only certain applications can modify data in protected folders. Instead, to achieve this goal, one would configure Controlled folder access in the Virus & threat protection settings. Controlled folder access helps protect files and folders from unauthorized changes by malicious applications, and it allows only trusted applications to access protected folders.

Community Votes14 votes
BSuggested
100%
Question 4 of 313
DRAG DROP -
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.
The AD DS domain contains a domain controller named DC1. DC1 does NOT have internet access.
You need to configure password security for on-premises users. The solution must meet the following requirements:
✑ Prevent the users from using known weak passwords.
✑ Prevent the users from using the company name in passwords.
What should you do? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:
Exam AZ-801: Question 4 - Image 1
Answer

Suggested Answer

Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy Exam AZ-801: Question 4 - Image 2
Question 5 of 313
HOTSPOT -
The Default Domain Policy Group Policy Object (GPO) is shown in the GPO exhibit. (Click the GPO tab.)
Exam AZ-801: Question 5 - Image 1
The members of a group named Service Accounts are shown in the Group exhibit. (Click the Group tab.)
Exam AZ-801: Question 5 - Image 2
An organizational unit (OU) named ServiceAccounts is shown in the OU exhibit. (Click the OU tab.)
Exam AZ-801: Question 5 - Image 3
You create a Password Settings Object (PSO) as shown in the PSO exhibit. (Click the PSO tab.)
Exam AZ-801: Question 5 - Image 4
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Exam AZ-801: Question 5 - Image 5
Answer

Suggested Answer

Reference:
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-active-directory-administrative-center-enhancements--level-100-
#fine_grained_pswd_policy_mgmt Exam AZ-801: Question 5 - Image 6

About the Microsoft AZ-801 Certification Exam

About the Exam

The Microsoft AZ-801 (Configuring Windows Server Hybrid Advanced Services) validates your knowledge and skills. Passing demonstrates proficiency and can boost your career prospects in the field.

How to Prepare

Work through all 313 practice questions across 63 pages. Focus on understanding the reasoning behind each answer rather than memorizing responses to be ready for any variation on the real exam.

Why Practice Exams?

Practice exams help you familiarize yourself with the question format, manage your time, and reduce anxiety on the test day. Our AZ-801 questions are regularly updated to reflect the latest exam objectives.