You have an Azure virtual machine named VM1.You enable Microsoft Defender SmartScreen on VM1.You need to ensure that the SmartScreen messages displayed to users are logged.What should you do?
Answer(s): C
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft- defender-smartscreen-overview
HOTSPOT (Drag and Drop is not supported)Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains a server named Server1 that runs Windows Server.You run Get-BitLockerVolume -MountPoint C,D | fl *, which generates the following output.You need to ensure that volume D will be unlocked automatically when Server1 restarts.How should you complete the command? To answer, select the appropriate options in the answer area.Note: Each correct selection is worth one point.Hot Area:
Answer(s): A
Box 1: Add-BitLockerKeyProtectorFrom the exhibit we see for volume D that AutoUnlockEnabled is False, and AutoUnlockKeyStored is empty.The Add-BitLockerKeyProtector cmdlet adds a protector for the volume key of the volume protected with BitLocker Drive Encryption.Example: The following example adds an ADAccountOrGroup protector to the previously encrypted operating system volume using the SID of the account:Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup S-1-5-21-3651336348- 8937238915-291003330-500Active Directory-based protectors are normally used to unlock Failover Cluster enabled volumes.Box 2: ServiceThe -Service parameter indicates that the system account for this computer unlocks the encrypted volume.Add-BitLockerKeyProtector syntax with use of the ADAccountOrGroupProtector parameter:Add-BitLockerKeyProtector[-MountPoint] <String[]>[-ADAccountOrGroupProtector][-ADAccountOrGroup] <String>[-Service][-WhatIf][-Confirm][<CommonParameters>]Incorrect:* Enable-BitLockerAutoUnlockThe Enable-BitLockerAutoUnlock cmdlet enables automatic unlocking for a volume protected by BitLocker Disk Encryption.The command has no -ADAccountOrGroupProtector parameter.Syntax:Enable-BitLockerAutoUnlock[-MountPoint] <String[]>[-WhatIf][-Confirm][<CommonParameters>]* The Clear-BitLockerAutoUnlock cmdlet removes all automatic unlocking keys used by BitLocker Drive Encryption. BitLocker stores these keys for the fixed data drives of a system on a volume that hosts a BitLocker-enabled operating system volume so that it can automatically unlock the fixed and removable data volumes in a system. This makes it easier for users to access data volumes.Syntax: Clear-BitLockerAutoUnlock []
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-use- bitlocker-drive-encryption-tools-to-manage-bitlocker https://docs.microsoft.com/en-us/powershell/module/bitlocker/add-bitlockerkeyprotector
HOTSPOT (Drag and Drop is not supported)Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the accounts shown in the following table.The domain is configured to store BitLocker recovery keys in Active Directory.Admin1 and Admin2 perform the following configurations:1. Admin1 turns on BitLocker Drive Encryption (BitLocker) for volume C on Server1.2. Admin1 moves Server1 to OU1.3. Admin2 turns on BitLocker for removable volume E on Server2.4. Admin2 moves removable volume E from Server2 to Server1 and unlocks the volume.On which Active Directory object can you view each BitLocker recovery key? To answer, select the appropriate options in the answer area.Note: Each correct selection is worth one point.Hot Area:
Box 1: Server1You can configure Group Policies in your domain so that when encrypting any drive with BitLocker, the computer will save the recovery key in its computer object account in AD (like storing a local computer administrator password generated using LAPS).Box 2: Server2
http://woshub.com/store-bitlocker-recovery-keys-active-directory/
HOTSPOT (Drag and Drop is not supported)Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains servers that run Windows Server as shown in the following table.Server1 has the connection security rules shown in the following table.Server2 has the connection security rules shown in the following table.Server3 has the connection security rules shown in the following table.For each of the following statements, select Yes if the statement is true. Otherwise, select No.Note: Each correct selection is worth one point.Hot Area:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/change-rules- from-request-to-require-mode
You have an Azure subscription that contains a user named User1 and the resources shown in the following table.User1 has a computer named Computer1 that runs Windows 11. User1 works from home and establishes a Point-to-Site (P2S) connection to GW1 to access AppSvr1.You deploy the resources shown in the following table.User1 cannot access AppSvr2.You need to ensure that User1 can access AppSvr2.What should you do?
Post your Comments and Discuss Microsoft AZ-801 exam dumps with other Community members:
Ernest Commented on October 27, 2025 some answers seem to be wrong. students are advised to review any questions that they are unsure of using MS Learn. Anonymous
Mav Commented on June 10, 2025 Question 29 is missing the answers in the reveal answers section. Anonymous
BitShifter Commented on May 05, 2025 AZ-801 practice questions got updated, makin' studyin' way easier. Finland
Philippe Commented on January 22, 2023 Iam impressed with the quality of these dumps. They questions and answers were easy to understand and the Xengine App was very helpful to use. CANADA
Philippe Commented on January 22, 2023 iam impressed with the quality of these dumps. they questions and answers were easy to understand and the xengine app was very helpful to use. CANADA