Latest AZ-800 Practice Tests

Premium

AZ-800 Dumps - Full Mock Test

Administering Windows Server Hybrid Core Infrastructure

140 Questions
120 MINUTES
2025-04-20 Updated

Full Access

QUESTION 46

- (Topic 3)
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant Group writeback is enabled in Azure AD Connect.
The AD DS domain contains a server named Server1 Server 1 contains a shared folder named share1.
You have an Azure Storage account named storage2 that uses Azure AD-based access control. The storage2 account contains a share named shared
You need to create a security group that meets the following requirements:
• Can contain users from the AD DS domain
• Can be used to authorize user access to share 1 and share2 What should you do?

A. in the AD DS domain, create a universal security group
B. in the Azure AD tenant create a security group that has assigned membership
C. in the Azure AD Tenant create a security group that has dynamic membership.
D. in the Azure AD tenant create a Microsoft 365 group

Correct Answer: B

QUESTION 47

SIMULATION - (Topic 4)
Task 9
You plan to create group managed service accounts (gMSAs).
You need to configure the domain to support the creation of gMSAs.
Solution:
To configure the domain to support the creation of gMSAs, you need to perform the following steps:
✑ On a domain controller or a computer that has the Remote Server Administration
Tools (RSAT) installed, open PowerShell as an administrator and run the following command to install the Active Directory module:
Install-WindowsFeature -Name RSAT-AD-PowerShell
✑ Run the following command to create a Key Distribution Service (KDS) root key, which is required for generating passwords for gMSAs. You only need to do this once per domain:
Add-KdsRootKey -EffectiveImmediately
✑ Wait for at least 10 hours for the KDS root key to replicate to all domain controllers in the domain. Alternatively, you can use the -EffectiveTime parameter to specify a past date and time for the KDS root key, but this is not recommended for security reasons. For more information, see Add-KdsRootKey.
✑ After the KDS root key is replicated, you can create and configure gMSAs using
the New-ADServiceAccount and Set-ADServiceAccount cmdlets. For more information, see Create a gMSA and Configure a gMSA.

Does this meet the goal?

A. Yes
B. No

Correct Answer: A

QUESTION 48

- (Topic 3)
Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com The domain contains three servers that run Windows Server and have the Hyper-V server rote installed. Each server has a Switch Embedded Teaming (SET) team
You need to verity that Remote Direct Memory Access (RDMA) and all the required Windows Server settings are configured properly on each server.
What should you use?

A. Server Manager
B. the validate-DCB cmdtet
C. the Get-NetAdaptor cmdlet
D. Failover Cluster Manager

Correct Answer: B
Reference: https://github.com/Microsoft/Validate-DCB