Configuring Windows Server Hybrid Advanced Services

Here you have the best Microsoft AZ-801 practice exam questions

  • You have 146 total questions to study from
  • Each page has 5 questions, making a total of 30 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 13, 2024
Question 1 of 146

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1.

Solution: From Virus & threat protection, you configure Controlled folder access.

Does this meet the goal?

    Correct Answer: A

    Controlled folder access in Windows Security is designed to protect folders from unauthorized changes by allowing only trusted applications to access the folders. This feature helps protect data from malicious apps and threats, such as ransomware. By configuring Controlled folder access, you can specify which applications are allowed to make changes to the data in the protected folders, meeting the goal of ensuring that only specific applications can modify the data.

Question 2 of 146

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1.

Solution: From Virus & threat protection, you configure Tamper Protection

Does this meet the goal?

    Correct Answer: B

    Configuring Tamper Protection from Virus & threat protection is intended to prevent malicious applications from altering Microsoft Defender Antivirus settings. It does not restrict specific applications from modifying data in protected folders. To achieve the goal of allowing only specific applications to modify data in protected folders, you should configure Controlled folder access instead.

Question 3 of 146

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a server named Server1 that runs Windows Server.

You need to ensure that only specific applications can modify the data in protected folders on Server1.

Solution: From App & browser control, you configure the Exploit protection settings.

Does this meet the goal?

    Correct Answer: B

    Configuring Exploit protection settings from App & browser control does not specifically ensure that only certain applications can modify data in protected folders. Instead, to achieve this goal, one would configure Controlled folder access in the Virus & threat protection settings. Controlled folder access helps protect files and folders from unauthorized changes by malicious applications, and it allows only trusted applications to access protected folders.

Question 4 of 146

DRAG DROP -

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.

The AD DS domain contains a domain controller named DC1. DC1 does NOT have internet access.

You need to configure password security for on-premises users. The solution must meet the following requirements:

✑ Prevent the users from using known weak passwords.

✑ Prevent the users from using the company name in passwords.

What should you do? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all.

You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

    Correct Answer:

    Reference:

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy

Question 5 of 146

HOTSPOT -

The Default Domain Policy Group Policy Object (GPO) is shown in the GPO exhibit. (Click the GPO tab.)

The members of a group named Service Accounts are shown in the Group exhibit. (Click the Group tab.)

An organizational unit (OU) named ServiceAccounts is shown in the OU exhibit. (Click the OU tab.)

You create a Password Settings Object (PSO) as shown in the PSO exhibit. (Click the PSO tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

Hot Area:

    Correct Answer:

    Reference:

    https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-active-directory-administrative-center-enhancements--level-100-

    #fine_grained_pswd_policy_mgmt