Loading questions...
Loading questions...
Preview
Updated
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
You have an Azure subscription that contains the virtual machines shown in the following table.
You plan to implement Azure Automanage for Windows Server.
You need to identify the operating system prerequisites.
Which virtual machines support Hotpatch, and which virtual machines support SMB over QUIC? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the domain controllers shown in the following table.
You need to ensure that if an attacker compromises the computer account of RODC1, the attacker cannot view the Employee-Number AD DS attribute.
Which partition should you modify?
Your on-premises network contains an Active Directory Domain Services (AD DS) domain.
You plan to sync the domain with an Azure AD tenant by using Azure AD Connect cloud sync.
You need to meet the following requirements:
• Install the software required to sync the domain and Azure AD.
• Enable password hash synchronization.
What should you install, and what should you use to enable password hash synchronization? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the resources shown in the following table.
You plan to replicate a volume from Server1 to Server2 by using Storage Replica.
You need to configure Storage Replica.
Where should you install Windows Admin Center?
Your network contains two Active Directory Domain Services (AD DS) forests as shown in the following exhibit.
The forests contain the domain controllers shown in the following table.
You perform the following actions on DC1:
• Create a user named User1.
• Extend the schema with a new attribute named Attribute1.
To which domain controllers are User1 and Attribute1 replicated? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have servers that run Windows Server 2022 as shown in the following table.
Server2 contains a .NET app named App1.
You need to establish a WebSocket connection from App1 to the SQL Server instance on Server1. The solution must meet the following requirements:
• Minimize the number of network ports that must be open on the on-premises network firewall.
• Minimize administrative effort.
What should you create first?
Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com that syncs with an Azure AD tenant. The tenant contains a group named Group1 and the users shown in the following table.
Domain/OU filtering in Azure AD Connect is configured as shown in the Filtering exhibit. (Click the Filtering tab.)
You review the Azure AD Connect configurations as shown in the Configure exhibit. (Click the Configure tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You have an Azure subscription that contains a virtual network named VNet1. Vnet1 contains three subnets named Subnet1, Subnet2, and Subnet3.
You deploy a virtual machine that has the following settings:
• Name:VM1
• Subnet: Subnet2
• Network interface name: NIC1
• Operating system: Windows Server 2022
You need to ensure that VM1 can route traffic between Subnet1 and Subnet3. The solution must minimize administrative effort.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an on-premises server named Server1 that runs Windows Server. Server1 contains an app named App1 and a firewall named Firewall1.
You have an Azure subscription.
Internal users connect to App1 by using WebSockets.
You need to make App1 available to users on the internet. The solution must minimize the number of inbound ports open on Firewall1.
What should you include in the solution?
You have a server named Server1 that runs Windows Server and has the Hyper-V server role installed. Server1 contains a virtual machine named VM1 that runs Windows Server.
You need to install the Hyper-V server role on VM1.
Which PowerShell command should you run first? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have an on-premises Active Directory Domain Services (AD DS) domain named contoso.com that syncs with Azure AD by using Azure AD Connect.
You enable password protection for contoso.com.
You need to prevent users from including the word contoso as part of their password.
What should you use?
You have an Active Directory Domain Services (AD DS) domain that contains a group named Group1.
You need to create a group managed service account (gMSA) named Account1. The solution must ensure that Group1 can use Account1.
How should you complete the script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a disaggregated cluster deployment. The deployment contains a scale-out file server (SOFS) cluster that runs Windows Server and a compute cluster that has the Hyper-V role enabled.
You need to implement Storage Quality of Service (QoS). The solution must ensure that you can control the bandwidth usage between the SOFS cluster and the Hyper-V cluster.
Which cmdlet should you run on each cluster? To answer, drag the appropriate cmdlets to the correct clusters. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
ADatum Corporation is a manufacturing company that has a main office in Seattle and two branch offices in Los Angeles and Montreal.
ADatum recently partnered with 2 company named Fabrikam, Inc.
Fabrikam is a manufacturing company that has a main office in Boston and a branch office in Orlando.
Both companies intend to collaborate on several joint projects.
The on-premises network of ADatum contains an Active Directory Domain Services (AD DS) forest named adatum.com.
The forest contains two domains named adatum.com and east.adatum.com and the domain controllers shown in the following table.
The on-premises network of Fabrikam contains an AD DS forest named fabrikam.com.
The forest contains two domains named fabrikam.com and south.fabrikam.com.
The fabrikam.com domain contains an organizational unit (OU) named Marketing.
The adatum.com domain contains the servers shown in the following table.
HyperV1 contains the virtual machines shown in the following table.
All the virtual machines on HyperV1 have only the default management tools installed.
SSPace1 contains the Storage Spaces virtual disks shown in the following table.
ADatum has an Azure subscription that contains an Azure AD tenant. Azure AD Connect is configured to sync the adatum.com forest with Azure AD.
The subscription contains the virtual networks shown in the following table.
The subscription contains the Azure Private DNS zones shown in the following table.
The subscription contains the virtual machines shown in the following table.
All the servers are in a workgroup.
The subscription contains a storage account named storage1 that has a file share named share1.
ADatum plans to implement the following changes:
• Sync Data1 to share1.
• Configure an Azure runbook named Task1.
• Enable Azure AD users to sign in to Server1.
• Create an Azure DNS Private Resolver that has the following configurations:
• Name: Private1
• Region: West US
• Virtual network: VNet1
• Inbound endpoint: SubnetB
• Enable users in the adatum.com domain to access the resources in the south.fabrikam.com domain.
ADatum identifies the following technical requirements:
• The data on SSPace1 must be available always.
• DC2 must become the schema master if DC1 fails.
• VM3 must be configured to enable per-folder quotas.
• Trusts must allow access to only the required resources.
• The users in the Marketing OU must have access to storage1.
• Azure Automanage must be used on all supported Azure virtual machines.
• A direct SSH session must be used to manage all the supported virtual machines on HyperV1.
You need to ensure that data availability on SSPace1 meets the technical requirements.
What is the maximum number of physical disks that can fail on each disk? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You have a server named Server1 that runs Windows Server and has the DHCP Server role installed. Server1 contains the following single scope:
• Scope: 192.168.16.0
• Address pool: 192.168.16.1-192.168.16.254
• Subnet mask: 255.255.255.0
• Lease duration: 8 days
You have four testing devices that are configured with static IP addresses as shown in the following table.
The test devices are turned on once a month.
You need to prevent Server1 from assigning the IP addresses allocated to the test devices to other devices when the test devices are offline. The solution must minimize administrative effort.
What should you do?
You have an Azure subscription and a computer named Computer1 that runs Windows 11.
From the Azure portal, you deploy a virtual machine named VM1 that runs Windows Server. You configure VM1 to use the default settings.
You need to ensure that you can connect to VM1 by using PowerShell remoting.
Which cmdlet should you run, and what should you use to run the cmdlet? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains a server named Server1.
You implement Just Enough Administration (JEA) on Server1.
You need to perform remote administration tasks on Server by using only JEA.
What should you use?
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server.
You plan to manage VM1 by using a PowerShell runbook.
You need to create the runbook.
What should you create first?
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the offices shown in the following table.
You need to deploy a Network Policy Server (NPS) named NPS1 to enforce network access policies for all remote connections.
What is the minimum number of RADIUS clients that you should add to NPS1?
You have an Active Directory Domain Services (AD DS) domain that contains the domain controllers shown in the following table.
The domain contains an app named App1 that uses a custom application partition to store configuration data.
You decommission App1.
When you attempt to remove the custom application partition, the process fails.
Which domain controller is unavailable?
You have an on-premises server named Server1 that runs Windows Server. Server1 contains a file share named Share1.
You have an Azure subscription.
You perform the following actions:
• Deploy Azure File Sync.
• Install the Azure File Sync agent on Server1.
• Register Server1 with Azure File Sync.
You need to ensure that you can add Share1 as an Azure File Sync server endpoint.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
ADatum Corporation is a manufacturing company that has a main office in Seattle and two branch offices in Los Angeles and Montreal.
ADatum recently partnered with 2 company named Fabrikam, Inc.
Fabrikam is a manufacturing company that has a main office in Boston and a branch office in Orlando.
Both companies intend to collaborate on several joint projects.
The on-premises network of ADatum contains an Active Directory Domain Services (AD DS) forest named adatum.com.
The forest contains two domains named adatum.com and east.adatum.com and the domain controllers shown in the following table.
The on-premises network of Fabrikam contains an AD DS forest named fabrikam.com.
The forest contains two domains named fabrikam.com and south.fabrikam.com.
The fabrikam.com domain contains an organizational unit (OU) named Marketing.
The adatum.com domain contains the servers shown in the following table.
HyperV1 contains the virtual machines shown in the following table.
All the virtual machines on HyperV1 have only the default management tools installed.
SSPace1 contains the Storage Spaces virtual disks shown in the following table.
ADatum has an Azure subscription that contains an Azure AD tenant. Azure AD Connect is configured to sync the adatum.com forest with Azure AD.
The subscription contains the virtual networks shown in the following table.
The subscription contains the Azure Private DNS zones shown in the following table.
The subscription contains the virtual machines shown in the following table.
All the servers are in a workgroup.
The subscription contains a storage account named storage1 that has a file share named share1.
ADatum plans to implement the following changes:
• Sync Data1 to share1.
• Configure an Azure runbook named Task1.
• Enable Azure AD users to sign in to Server1.
• Create an Azure DNS Private Resolver that has the following configurations:
• Name: Private1
• Region: West US
• Virtual network: VNet1
• Inbound endpoint: SubnetB
• Enable users in the adatum.com domain to access the resources in the south.fabrikam.com domain.
ADatum identifies the following technical requirements:
• The data on SSPace1 must be available always.
• DC2 must become the schema master if DC1 fails.
• VM3 must be configured to enable per-folder quotas.
• Trusts must allow access to only the required resources.
• The users in the Marketing OU must have access to storage1.
• Azure Automanage must be used on all supported Azure virtual machines.
• A direct SSH session must be used to manage all the supported virtual machines on HyperV1.
DC1 fails.
You need to meet the technical requirements for the schema master.
You run ntdsutil.exe.
Which five commands should you run in sequence? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order?
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with Azure AD.
You deploy an app that adds custom attributes to the domain.
From Azure Cloud Shell, you discover that you cannot query the custom attributes of users.
You need to ensure that the custom attributes are available in Azure AD.
Which task should you perform from Microsoft Azure Active Directory Connect first?
Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains three domains. Each domain contains 10 domain controllers.
You plan to store a DNS zone in a custom Active Directory partition.
You need to create the Active Directory partition for the zone. The partition must replicate to only four of the domain controllers.
What should you use?
You have a server named Server1 that runs Windows Server. The disks on Server1 are configured as shown in the following exhibit.
You need to convert volume E to ReFS. The solution must meet the following requirements:
• The data on volume E needs to be retained.
• Minimize administrative effort.
What should you do first?
