Free AZ-801 Exam Braindumps (page: 4)

Page 4 of 37

HOTSPOT (Drag and Drop is not supported)
The Default Domain Policy Group Policy Object (GPO) is shown in the GPO exhibit. (Click the GPO tab.)


The members of a group named Service Accounts are shown in the Group exhibit. (Click the Group tab.)


An organizational unit (OU) named ServiceAccounts is shown in the OU exhibit. (Click the OU tab.)


You create a Password Settings Object (PSO) as shown in the PSO exhibit. (Click the PSO tab.)


For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-active-directoryadministrative-center-enhancements--level-100-#fine_grained_pswd_policy_mgmt



DRAG DROP (Drag and Drop is not supported)
Your network contains an Active Directory Domain Services (AD DS) domain. You need to implement a solution that meets the following requirements:
-Ensures that the members of the Domain Admins group are allowed to sign in only to domain controllers
-Ensures that the lifetime of Kerberos Ticket Granting Ticket (TGT) for the members of the Domain Admins group is limited to one hour

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts



You have an Azure virtual machine named VM1 that runs Windows Server. You plan to deploy a new line-of-business (LOB) application to VM1.
You need to ensure that the application can create child processes.
What should you configure on VM1?

  1. Microsoft Defender Credential Guard
  2. Microsoft Defender Application Control
  3. Microsoft Defender SmartScreen
  4. Exploit protection

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-exploitprotection?view=o365-worldwide



HOTSPOT (Drag and Drop is not supported)
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the organizational units (OUs) shown in the following table.


In the domain, you create the Group Policy Objects (GPOs) shown in the following table.


You need to implement IPsec authentication to ensure that only authenticated computer accounts can connect to the members in the domain. The solution must minimize administrative effort.
Which GPOs should you apply to the Domain Controllers OU and the Domain Servers OU? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/configure-authenticationmethods



Page 4 of 37



Post your Comments and Discuss Microsoft AZ-801 exam with other Community members:

Philippe 1/22/2023 10:24:00 AM
iam impressed with the quality of these dumps. they questions and answers were easy to understand and the xengine app was very helpful to use.
CANADA
upvote

Philippe 1/22/2023 10:24:07 AM
Iam impressed with the quality of these dumps. They questions and answers were easy to understand and the Xengine App was very helpful to use.
CANADA
upvote