Microsoft AZ-801 Online Practice Questions and Exam Preparation

Microsoft AZ-801 Online Questions & Answers

• Question 121:

  You have an Azure subscription. The subscription contains two virtual machines named VM1 and VM2 that run Windows Server.

  VM1 experiences a stop error and fails to start.

  You need to review the memory dump file of the error.

  What should you do first?

  A. On VM2, run Azure Serial Console.
  B. Attach the OS disk of VM1 to VM2.
  C. On VM1, run Azure Serial Console.
  D. For VM1, enable boot diagnostics.
  A. On VM2, run Azure Serial Console.

  ---

  Explanation

  Windows stop error - Hardware malfunction

  Symptoms

  When you use Boot diagnostics to view the screenshot of the VM, you'll see that the screenshot displays a blue screen with the message:

  Hardware Malfunction

  Call your vendor for support

  The system has halted

  Cause

  This screen will appear when the Guest OS wasn't set up correctly and a Non-Maskable Interrupt (NMI) was sent. The error message indicates that a kernel-mode program generated an exception, which the handler didn't catch. You can identify which exception was generated by collecting a memory dump.

  Solution

  Process Overview 1. Set up the Non-Maskable Interrupt (NMI) Registry Key

  2. Create and Access a Repair VM [This is the existing VM2 here] 3. Enable Serial Console and Memory Dump Collection

  4. Rebuild the VM Note: Enable serial console and memory dump collection Before rebuilding the VM, it is recommended to enable memory dump collection and Serial Console. To do this, follow these steps:

  1. Open an elevated command prompt session as an administrator.

  2. Run the following BCDEdit commands using the /ems and /emssettings options:

  Enable the serial console:

  Windows Command Prompt bcdedit /store <volume-letter-containing-the-bcd-folder>:\boot\bcd /ems {<boot-loader-identifier>} ON bcdedit /store <volume-letter-containing-the-bcd-folder>:\boot\bcd /emssettings EMSPORT:1 EMSBAUDRA

  3. Etc.

  References:

  https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/windows-stop-error-hardware-malfunction

• Question 122:

  HOTSPOT

  You have a server that runs Windows Server and has the Web Server (IIS) server role installed. Server1 hosts a single website that has the following configurations: Is accessible by using a URL of https://www.contoso.com:8443 and has an SSL certificate that was issued by a third-party certification authority (CA) in the Microsoft Trusted Root Program:

  1. Uses anonymous authentication

  2. Was developed by using PHP

  You plan to use APP Service Migration Assistant to migrate the website to Azure App Service.

  You need to migrate the website. The solution must minimize the number of changes made to the existing website.

  What should you do manually to ensure that the website migration is successful? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

• Question 123:

  You have a server that runs Windows Server. The server is configured to encrypt all incoming traffic by using a connection security rule.

  You need to ensure that Server1 can respond to the unencrypted tracert commands initiated from computers on the same network.

  What should you do from Windows Defender Firewall with Advanced Security?

  A. From the IPsec Settings, configure IPsec defaults.
  B. Create a new custom outbound rule that allows ICMPv4 protocol connections for all profiles.
  C. Change the Firewall state of the Private profile to Off.
  D. From the IPsec Settings, configure IPsec exemptions.
  D. From the IPsec Settings, configure IPsec exemptions.

• Question 124:

  DRAG DROP

  You have an on-premises server named Server1 that runs Windows Server.

  You need to perform an on-demand backup of the files on Server1 by using Azure Backup.

  Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

  Select and Place:

  

  

• Question 125:

  You have a Microsoft Sentinel deployment and 100 Azure Arc-enabled on-premises servers. All the Azure Arc-enabled resources are in the same resource group.

  You need to onboard the servers to Microsoft Sentinel. The solution must minimize administrative effort.

  What should you use to onboard the servers to Microsoft Sentinel?

  A. Azure Automation
  B. Azure Policy
  C. Azure virtual machine extensions
  D. Microsoft Defender for Cloud
  B. Azure Policy

  ---

  Explanation

  References:

  https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/hybrid/server/best-practices/arc-policies-mma

• Question 126:

  Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

  After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

  You have an on-premises server named Server1 that runs Windows Server.

  You have a Microsoft Sentinel instance.

  You add the Windows Firewall data connector in Microsoft Sentinel.

  You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

  Solution: You install the Azure Connected Machine agent and Azure Monitor Agent for Windows extension on Server1.

  Does this meet the goal?

  A. Yes
  B. No
  A. Yes

  ---

  Explanation

  Correct:

  You install the Azure Connected Machine agent and Azure Monitor Agent for Windows extension on Server1.

  Incorrect:

  You enable event subscription on Server1

  You install the Azure Connected Machine agent on Server1.

  You install the Log Analytics agent on Server1.

  Log Analytics Agent (Legacy)

  The Log Analytics agent will be retired on 31 August, 2024. If you are using the Log Analytics agent in your Microsoft Sentinel deployment, we recommend that you start planning your migration to the AMA (Azure Monitor Agent).

  You install the Microsoft Integration Runtime on Server1 You onboard Server1 to Microsoft Defender for Endpoint.

  Note:

  The Azure Connected Machine agent enables you to manage your Windows and Linux machines hosted outside of Azure on your corporate network or other cloud providers.

  Connect Microsoft Sentinel to other Microsoft services with a Windows agent-based data connector Connect Microsoft Sentinel to other Microsoft services by using a Windows agent-based connections. Microsoft Sentinel uses the Azure foundation to provide built-in, service-to-service support for data ingestion from many Azure and Microsoft 365 services, Amazon Web Services, and various Windows Server services. There are a few different methods through which these connections are made.

  Azure Monitor Agent

  Some connectors based on the Azure Monitor Agent (AMA) are currently in PREVIEW.

  The Azure Monitor Agent is currently supported only for Windows Security Events, Windows Forwarded Events, and Windows DNS Events.

  The Azure Monitor agent uses Data collection rules (DCRs) to define the data to collect from each agent. Data collection rules offer you two distinct advantages:

  Manage collection settings at scale while still allowing unique, scoped configurations for subsets of machines. They are independent of the workspace and independent of the virtual machine, which means they can be defined once and reused across machines and environments. See Configure data collection for the Azure Monitor agent.

  Build custom filters to choose the exact events you want to ingest. The Azure Monitor Agent uses these rules to filter the data at the source and ingest only the events you want, while leaving everything else behind. This can save you a lot of money in data ingestion costs!

  References:

  https://learn.microsoft.com/en-us/azure/azure-arc/servers/agent-overview

  https://learn.microsoft.com/en-us/azure/sentinel/connect-services-windows-based

• Question 127:

  HOTSPOT

  You have a Storage Spaces Direct cluster named Cluster1 that supports delimiting the allocation of volumes.

  You need to create a volume and delimit its allocation.

  How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  Box 1: Get-StorageFaultDomain

  Delimit the allocation of volumes in Storage Spaces Direct

  Create a volume and delimit its allocation

  To create a three-way mirror volume and delimit its allocation:

  1. First assign the servers in your cluster to the variable $Servers:

  $Servers = Get-StorageFaultDomain -Type StorageScaleUnit | Sort FriendlyName

  Box 2: -StorageFaultDomainsToUse

  2. Specify which servers to use with the new -StorageFaultDomainsToUse parameter and by indexing into $Servers. For example, to delimit the allocation to the first, second, third, and fourth servers (indices 0, 1, 2, and 3):

  New-Volume -FriendlyName "MyVolume" -Size 100GB -StorageFaultDomainsToUse $Servers[0,1,2,3]

  References:

  https://learn.microsoft.com/en-us/windows-server/storage/storage-spaces/delimit-volume-allocation

• Question 128:

  You have an on-premises server named Server1 that runs Windows Server and has the Hyper-V server role installed.

  You have an Azure subscription.

  You plan to back up Server1 to Azure by using Azure Backup.

  Which two Azure Backup options require you to deploy Microsoft Azure Backup Server (MABS)? Each correct answer presents a complete solution.

  NOTE: Each correct selection is worth one point.

  A. Bare Metal Recovery
  B. Files and folders
  C. System State
  D. Hyper-V Virtual Machines
  A. Bare Metal Recovery
  D. Hyper-V Virtual Machines

  ---

  Explanation

  References:

  https://docs.microsoft.com/en-us/azure/backup/backup-mabs-system-state-and-bmr

• Question 129:

  HOTSPOT

  You have a server named Server1 that runs Windows Server.

  You need to capture the SYN packets exchanged between Server1 and an IP address of 192.168.0.100.

  How should you complete the command? To answer, select the appropriate options in the answer area.

  NOTE: Each correct selection is worth one point.

  

  

  ---

  Box 1: pktmon

  Windows Server Windows commands, pktmon filter add

  Pktmon filter add allows you to add a filter to control which packets are reported. For a packet to be reported, it must match all conditions specified in at least one filter. Up to 32 filters can be active at once.

  Example: The following filter will capture all the SYN packets sent or received by the IP address 10.0.0.10:

  C:\Test> pktmon filter add -i 10.0.0.10 -t tcp syn

  Box 2: tcp

  References:

  https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/pktmon-filter-add

• Question 130:

  You have two servers named Server1 and Server2 that run Windows Server. Both servers have the Hyper-V server role installed.

  Server1 hosts three virtual machines named VM1, VM2, and VM3. The virtual machines replicate to Server2.

  Server1 experiences a hardware failure.

  You need to bring VM1, VM2, and VM3 back online as soon as possible.

  From the Hyper-V Manager console on Server2, what should you run for each virtual machine?

  A. Start
  B. Move
  C. Unplanned Failover
  D. Planned Failover
  C. Unplanned Failover

  ---

  Explanation

  References:

  https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/set-up-hyper-v-replica