CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-801

Free AZ-801 Exam Braindumps (page: 5)

Page 4 of 37
PDF with 158 Questions

HOTSPOT (Drag and Drop is not supported)
The Default Domain Policy Group Policy Object (GPO) is shown in the GPO exhibit. (Click the GPO tab.)


The members of a group named Service Accounts are shown in the Group exhibit. (Click the Group tab.)


An organizational unit (OU) named ServiceAccounts is shown in the OU exhibit. (Click the OU tab.)


You create a Password Settings Object (PSO) as shown in the PSO exhibit. (Click the PSO tab.)


For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-active-directoryadministrative-center-enhancements--level-100-#fine_grained_pswd_policy_mgmt



DRAG DROP (Drag and Drop is not supported)
Your network contains an Active Directory Domain Services (AD DS) domain. You need to implement a solution that meets the following requirements:
-Ensures that the members of the Domain Admins group are allowed to sign in only to domain controllers
-Ensures that the lifetime of Kerberos Ticket Granting Ticket (TGT) for the members of the Domain Admins group is limited to one hour

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/how-to-configure-protected-accounts



You have an Azure virtual machine named VM1 that runs Windows Server. You plan to deploy a new line-of-business (LOB) application to VM1.
You need to ensure that the application can create child processes.
What should you configure on VM1?

  1. Microsoft Defender Credential Guard
  2. Microsoft Defender Application Control
  3. Microsoft Defender SmartScreen
  4. Exploit protection

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/customize-exploitprotection?view=o365-worldwide



HOTSPOT (Drag and Drop is not supported)
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the organizational units (OUs) shown in the following table.


In the domain, you create the Group Policy Objects (GPOs) shown in the following table.


You need to implement IPsec authentication to ensure that only authenticated computer accounts can connect to the members in the domain. The solution must minimize administrative effort.
Which GPOs should you apply to the Domain Controllers OU and the Domain Servers OU? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/configure-authenticationmethods






Post your Comments and Discuss Microsoft AZ-801 exam with other Community members: