Microsoft AZ-800 Exam Practice Test Instant Access

Question 1

Task 1

You need to prevent domain users from saving executable files in a share named \\SRVl\Dat

a. The users must be able to save other files to the share.

ASee the solution o fthis Task below

Answer : A

One possible solution to prevent domain users from saving executable files in a share named \SRVl\Data is to use file screening on the file server. File screening allows you to block certain files from being saved based on their file name extension. Here are the steps to configure file screening:

On the file server, openFile Server Resource Managerfrom theAdministrative Toolsmenu.

In the left pane, expandFile Screening Managementand click onFile Groups.

Right-click onFile Groupsand selectCreate File Group.

In theFile Group Propertiesdialog box, enter a name for the file group, such asExecutable Files.

In theFiles to includebox, enter the file name extensions that you want to block, such as.exe, .bat, .cmd, .com, .msi, .scr. You can use wildcards to specify multiple extensions, such as *.exe.

ClickOKto create the file group.

In the left pane, click onFile Screen Templates.

Right-click onFile Screen Templatesand selectCreate File Screen Template.

In theFile Screen Template Propertiesdialog box, enter a name for the template, such asBlock Executable Files.

On theSettingstab, select the optionActive screening: Do not allow users to save unauthorized files.

On theFile Groupstab, check the box next to the file group that you created, such asExecutable Files.

On theNotificationtab, you can configure how to notify users and administrators when a file screening event occurs, such as sending an email, logging an event, or running a command or script. You can also customize the message that users see when they try to save a blocked file.

ClickOKto create the file screen template.

In the left pane, click onFile Screens.

Right-click onFile Screensand selectCreate File Screen.

In theCreate File Screendialog box, enter the path of the folder that you want to apply the file screening to, such as\SRVl\Data.

Select the optionDerive properties from this file screen template (recommended)and choose the template that you created, such asBlock Executable Files.

ClickCreateto create the file screen.

Now, domain users will not be able to save executable files in the share named \SRVl\Data. They will be able to save other files to the share.

Question 2

You have a server named Server1 that runs Windows Server. The disks on Server1 are configured as shown in the following exhibit.

You need to convert volume E to ReFS. The solution must meet the following requirements:

* Preserve the existing data on volume E.

* Minimize administrative effort.

What should you do first?

ATake Disk 2 offline.

BBack up the data on volume E.

CConvert Disk 2 to a dynamic disk.

DRunconvert.exe.

Answer : B

Question 3

You have an Active Directory Domain Services (AD DS) domain. The domain contains three servers named Server 1, Server2, and Server3 that run Windows Server.

You sign in to Server1 by using a domain account and start a remote PowerShell session to Server2. From the remote PowerShell session, you attempt to access a resource on Server3. but access to the resource is denied.

You need to ensure that your credentials are passed from Server1 to Server3. The solution must minimize administrative effort. What should you do?

AConfigure Kerberos constrained delegation.

BConfigure Just Enough Administration (JEA).

CConfigure selective authentication for the domain.

DDisable the Enforce user logon restrictions policy setting for the domain.

Answer : A

Question 4

You have an Azure subscription that contains the storage accounts shown in the following table.

In the West US Azure region, you create a storage sync service named SyncA.

You plan to create a sync group named GroupA.

What is the maximum number of cloud endpoints you can use with GroupA?

Answer : B

Question 5

You have a server named Server1 that runs Windows Server and contains a file share named Share1.

You need to prevent users from stoning MP4 files in Share1. The solution must ensure that the users can store other types of files in the share.

What should you configure on Server1?

AFile Management Tasks

BNTFS Quotas

CNTFS permissions

Dfile screens

Answer : D

Question 6

You have an Azure virtual machine named VM1 that runs Windows Server.

You need to ensure that administrators request access to VM1 before establishing a Remote Desktop connection.

What should you configure?

AAzure Front Door

BMicrosoft Defender for Cloud

CAzure AD Privileged Identity Management (PIM)

Da network security group (NSG)

Answer : B

Question 7

Your network contains a DHCP server.

You plan to add a new subnet and deploy Windows Server to the subnet.

You need to use the server as a DHCP relay agent.

Which role should you install on the server?

ANetwork Policy and Access Services

BRemote Access

CNetwork Controller

DDHCP Server

Answer : B

Microsoft AZ-800 Administering Windows Server Hybrid Core Infrastructure Exam Practice Test