Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-801

Free Microsoft AZ-801 Exam Braindumps (page: 6)

Page 4 of 24
PDF with 178 Questions
View Related Case Study

You have 100 Azure virtual machines that run Windows Server. The virtual machines are onboarded to Microsoft Defender for Cloud.
You need to shut down a virtual machine automatically if Microsoft Defender for Cloud generates the "Antimalware disabled in the virtual machine" alert for the virtual machine.
What should you use in Microsoft Defender for Cloud?

  1. a logic app
  2. a workbook
  3. a security policy
  4. adaptive network hardening

Answer(s): A


Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts



View Related Case Study

You have a Microsoft Sentinel deployment and 100 Azure Arc-enabled on-premises servers. All the Azure Arc- enabled resources are in the same resource group.
You need to onboard the servers to Microsoft Sentinel. The solution must minimize administrative effort. What should you use to onboard the servers to Microsoft Sentinel?

  1. Azure Automation
  2. Azure Policy
  3. Azure virtual machine extensions
  4. Microsoft Defender for Cloud

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/manage/hybrid/server/best-practices/arc- policies-mma



View Related Case Study

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with a Microsoft Entra tenant by using password hash synchronization.
You have a Microsoft 365 subscription. All devices are hybrid Azure AD-joined.
Users report that they must enter their password manually when accessing Microsoft 365 applications.
You need to reduce the number of times the users are prompted for their password when they access Microsoft 365 and Azure services.
What should you do?

  1. In Microsoft Entra ID, configure a Conditional Access policy for the Microsoft Office 365 applications.
  2. In the DNS zone of the AD DS domain, create an autodiscover record.
  3. From Microsoft Entra Connect, enable single sign-on (SSO).
  4. From Microsoft Entra Connect, configure pass-through authentication.

Answer(s): C


Reference:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start



View Related Case Study

You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have 50 Azure virtual machines that run Windows Server.
You need to ensure that any security exploits detected on the virtual machines are forwarded to Defender for Cloud.
Which extension should you enable on the virtual machines?

  1. Vulnerability assessment for machines
  2. Microsoft Dependency agent
  3. Log Analytics agent for Azure VMs
  4. Guest Configuration agent

Answer(s): A


Reference:

https://docs.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment-vm



View Related Case Study

HOTSPOT (Drag and Drop is not supported)
Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains the domains shown in the following table.


You are implementing Microsoft Defender for Identity sensors.
You need to install the sensors on the minimum number of domain controllers. The solution must ensure that Defender for Identity will detect all the security risks in both the domains.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/defender-for-identity/technical-faq#deployment https://docs.microsoft.com/en-us/defender-for-identity/install-step4



View Related Case Study

You have 10 servers that run Windows Server in a workgroup.
You need to configure the servers to encrypt all the network traffic between the servers. The solution must be as secure as possible.
Which authentication method should you configure in a connection security rule?

  1. NTLMv2
  2. pre-shared key
  3. Kerberos V5
  4. computer certificate

Answer(s): D


Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/create-an-authentication- request-rule



View Related Case Study

You have an Azure virtual machine named VM1 that runs Windows Server.
You need to encrypt the contents of the disks on VM1 by using Azure Disk Encryption. What is a prerequisite for implementing Azure Disk Encryption?

  1. Customer Lockbox for Microsoft Azure
  2. an Azure key vault
  3. a BitLocker recovery key
  4. data-link layer encryption in Azure

Answer(s): B


Reference:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/disk-encryption-overview



View Related Case Study

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains two servers named Server1 and Server2 that run Windows Server.
You need to ensure that you can manage Server2 by using the Computer Management console from Server1. The solution must use the principle of least privilege.
Which two Windows Defender Firewall with Advanced Security rules should you enable on Server2? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  1. the COM+ Network Access (DCOM-In) rule
  2. all the rules in the Remote Event Log Management group
  3. the Windows Management Instrumentation (WMI-In) rule
  4. the COM+ Remote Administration (DCOM-In) rule
  5. the Windows Management Instrumentation (DCOM-In) rule

Answer(s): A,B


Reference:

https://docs.microsoft.com/en-us/windows-server/administration/server-manager/configure-remote- management-in-server-manager






Post your Comments and Discuss Microsoft AZ-801 exam prep with other Community members:

AZ-801 Exam Discussions & Posts