最新のAZ-801試験のリアル試験問題 本日無料更新されました
AZ-801リアル試験問題解答は更新された[2025年03月13日]
AZ-801認定試験は、Windows Serverハイブリッドソリューションの重要な経験と専門知識を持つITプロフェッショナル向けに設計されていることを意味します。この認定試験は、クラウドベースのサービスに接続されている複雑なWindows Server環境を管理する専門知識を実証したいIT専門家に最適です。
Microsoft AZ-801認定試験は、高度なWindows Serverハイブリッドサービスの設定に関する知識とスキルを評価するために設計されています。オンプレミスとクラウドベースのソリューションが利用されるハイブリッド環境でサーバーインフラストラクチャを管理および維持する経験を持つITプロフェッショナルを対象としています。AZ-801試験は、Azure Active Directoryの実装と管理、ハイブリッドアイデンティティ管理、ハイブリッドネットワーク、ハイブリッドストレージソリューションの実装と管理など、幅広いトピックをカバーしています。
質問 # 95
You have two servers that run Windows Server as shown in the following table.
You need to copy the contents of volume E from Server1 to Server2. The solution must meet the following requirements:
Ensure that files in-use are copied.
Minimize administrative effort.
What should you use?
- A. Storage Migration Service
- B. Azure Backup
- C. Azure File Sync
- D. Storage Replica
正解:A
質問 # 96
You need to create a Hyper-V hyper-converged cluster that stores virtual machines by using Storage Spaces Owed
Which three actions should you perform in sequence? To answer, move the appropriate anions from the list of actions to the answer area and arrange them in the correct order.
正解:
解説:
1 - Create a failover cluster.
2 - Enable Storage Spaces Direct.
3 - Create a volume.
質問 # 97
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an on-premises server named Server1 that runs Windows Server.
You have a Microsoft Sentinel instance.
You add the Windows Firewall data connector in Microsoft Sentinel.
You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.
Solution: You onboard Server1 to Microsoft Defender for Endpoint.
Does this meet the goal?
- A. Yes
- B. No
正解:B
質問 # 98
Your network contains an Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains an organizational unit (OU) named 0U1.0U1 contains servers that run sensitive workloads.
You plan to add connection security rules that meet the following requirements:
* The servers in OU 1 must only accept connections from domain-joined
* The servers in OU 1 must only be able to communicate with domain-joined You create a Group Policy Object (GPO) named GP01 and link GP01 to contoso.com.
You need to configure a connection security rule in GP01 by using Windows Defender Firewall with Advanced Security.
How should you configure the rule? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 99
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Text Description automatically generated
質問 # 100
With which servers can Server1 and Server3 communicate? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 101
Your network contains an Active Directory Domain Services (AD DS) forest. The forest contains the domains shown in the following table.
You are implementing Microsoft Defender for Identity sensors.
You need to install the sensors on the minimum number of domain controllers. The solution must ensure that Defender for Identity will detect all the security risks in both the domains.
What should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Text, table Description automatically generated
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/technical-faq#deployment
https://docs.microsoft.com/en-us/defender-for-identity/install-step4
質問 # 102
You have an Azure virtual machine named VM1 that runs Windows Server. VM1 has boot diagnostics configured to use a managed storage account.
You are troubleshooting connectivity issue on VM1.
You need to run a PowerShell cmdlet on VM1 by using the Azure Serial Console.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
解説:
Reference:
https://docs.microsoft.com/en-us/troubleshoot/azure/virtual-machines/serial-console-overview
https://docs.microsoft.com/en-us/troubleshoot/azure/virtual-machines/serial-console-windows
質問 # 103
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server. The subscription contains the storage accounts shown in the following table.
You plan to enable boot diagnostics for VM1.
You need to configure storage for the boot diagnostics logs and snapshots.
Which storage account should you use?
- A. storage3
- B. storage2
- C. storage1
正解:A
質問 # 104
With which servers can Server1 and Server3 communicate? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
質問 # 105
You have a server named Server1 that runs the Remote Desktop Session Host role service. Server1 has five custom applications installed.
Users who sign in to Server1 report that the server is slow. Task Manager shows that the average CPU usage on Server1 is above 90 percent. You suspect that a custom application on Server1 is consuming excessive processor capacity.
You plan to create a Data Collector Set in Performance Monitor to gather performance statistics from Server1.
You need to view the resources used by each of the five applications.
Which object should you add to the Data Collector Set?
- A. Processor
- B. Process
- C. Processor information
- D. Processor performance
正解:B
解説:
Topic 2, Fabrikam inc
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Fabrikam, Inc. is a manufacturing company that has a main office in Chicago and a branch office in Paris.
Existing Environment
Identity Infrastructure
Fabrikam has an Active Directory Domain Services (AD DS) forest that syncs with an Azure Active Directory (Azure AD) tenant. The AD DS forest contains two domains named corp.fabrikam.com and europe.fabrikam.com.
Chicago Office On-Premises Servers
The office in Chicago contains on-premises servers that run Windows Server 2016 as shown in the following table.
All the servers in the Chicago office are in the corp.fabrikam.com domain.
All the virtual machines in the Chicago office are hosted on HV1 and HV2. HV1 and HV2 are nodes in a failover cluster named Cluster1.
WEB1 and WEB2 run an Internet Information Services (IIS) website. Internet users connect to the website by using a URL of https://www.fabrikam.com.
All the users in the Chicago office run an application that connects to a UNC path of \\Fileserver1\Data.
Paris On-Premises Servers
The office in Paris contains a physical server named dc2.europe.fabrikam.com that runs Windows Server 2016 and is a domain controller for the europe.fabrikam.com domain.
Network Infrastructure
The networks in both the Chicago and Paris offices have local internet connections. The Chicago and Paris offices are connected by using VPN connections.
The client computers in the Chicago office get IP addresses from DHCP1.
Security Risks
Fabrikam identifies the following security risks:
Some accounts connect to AD DS resources by using insecure protocols such as NTLMv1, SMB1, and unsigned LDAP.
Servers have Windows Defender Firewall enabled. Server administrators sometimes modify firewall rules and allow risky connections.
Requirements
Security Requirements
Fabrikam identifies the following security requirements:
Prevent server administrators from configuring Windows Defender Firewalls rules.
Encrypt all the data disks on the servers by using BitLocker Drive Encryption (BitLocker).
Ensure that only authorized applications can be installed or run on the servers in the forest.
Implement Microsoft Sentinel as a reporting solution to identify all connections to the domain controllers that use insecure protocols.
On-Premises Migration Plan
Fabrikam plans to migrate all the existing servers and identifies the following migration requirements:
Move the APP1 and APP2 virtual machines in the Chicago office to a new Hyper-V failover cluster named Cluster2 that will run Windows Server 2022.
Cluster2 will contain two new nodes named HV3 and HV4.
All virtual machine files will be stored on a Cluster Shared Volume (CSV).
Migrate Archive1 to a new failover cluster named Cluster3 that will run Windows Server 2022.
Cluster3 will contain two physical nodes named Node1 and Node2.
The file shares on Cluster3 will be a failover cluster role in active-passive mode.
Migrate all users, groups, and client computers from europe.fabrikam.com to corp.fabrikam.com.
The migration will be performed by using the Active Directory Migration Tool (ADMT).
A computer named ADMTcomputer will be deployed to the corp.fabrikam.com domain to run ADMT migration procedures.
User accounts will retain their existing password.
Migrate the data share from Fileserver1 to a new server named Fileserver2 that will run Windows Server 2022. After the migration, the data share must be accessible by using the existing UNC path.
Azure Migration Plan
Fabrikam plans to migrate some resources to Azure and identifies the following migration requirements:
Create an Azure subscription named Sub1.
Create an Azure virtual network named Vnet1.
Use ExpressRoute to connect the Paris and Chicago offices to Vnet1.
License all servers for Microsoft Defender for servers.
Migrate APP3 and APP4 to Azure.
Migrate the www.fabrikam.com website to an Azure App Service web app named WebApp1.
Decommission WEB1 and WEB2.
DHCP Migration Plan
Fabrikam plans to replace DHCP1 with a new server named DHCP2 and identifies the following migration requirements:
Ensure that DHCP2 provides the same IP addresses that are currently available from DHCP1.
Prevent DHCP1 from servicing clients once services are enabled on DHCP2.
Ensure that the existing leases and reservations are migrated.
質問 # 106
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant by using password hash synchronization.
You have a Microsoft 365 subscription.
All devices are hybrid Azure AD-joined.
Users report that they must enter their password manually when accessing Microsoft 365 applications.
You need to reduce the number of times the users are prompted for their password when they access Microsoft
365 and Azure services.
What should you do?
- A. In the DNS zone of the AD DS domain, create an autodiscover record.
- B. In Azure AD. configure a Conditional Access policy for the Microsoft Office 365 applications.
- C. From Azure AD Connect, configure pass-through authentication.
- D. From Azure AD Connect, enable single sign-on (SSO).
正解:D
解説:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start
Topic 2, Fabrikam inc
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Fabrikam, Inc. is a manufacturing company that has a main office in Chicago and a branch office in Paris.
Existing Environment
Identity Infrastructure
Fabrikam has an Active Directory Domain Services (AD DS) forest that syncs with an Azure Active Directory (Azure AD) tenant. The AD DS forest contains two domains named corp.fabrikam.com and europe.fabrikam.com.
Chicago Office On-Premises Servers
The office in Chicago contains on-premises servers that run Windows Server 2016 as shown in the following table.
All the servers in the Chicago office are in the corp.fabrikam.com domain.
All the virtual machines in the Chicago office are hosted on HV1 and HV2. HV1 and HV2 are nodes in a failover cluster named Cluster1.
WEB1 and WEB2 run an Internet Information Services (IIS) website. Internet users connect to the website by using a URL of https://www.fabrikam.com.
All the users in the Chicago office run an application that connects to a UNC path of \\Fileserver1\Data.
Paris On-Premises Servers
The office in Paris contains a physical server named dc2.europe.fabrikam.com that runs Windows Server 2016 and is a domain controller for the europe.fabrikam.com domain.
Network Infrastructure
The networks in both the Chicago and Paris offices have local internet connections. The Chicago and Paris offices are connected by using VPN connections.
The client computers in the Chicago office get IP addresses from DHCP1.
Security Risks
Fabrikam identifies the following security risks:
* Some accounts connect to AD DS resources by using insecure protocols such as NTLMv1, SMB1, and unsigned LDAP.
* Servers have Windows Defender Firewall enabled. Server administrators sometimes modify firewall rules and allow risky connections.
Requirements
Security Requirements
Fabrikam identifies the following security requirements:
* Prevent server administrators from configuring Windows Defender Firewalls rules.
* Encrypt all the data disks on the servers by using BitLocker Drive Encryption (BitLocker).
* Ensure that only authorized applications can be installed or run on the servers in the forest.
* Implement Microsoft Sentinel as a reporting solution to identify all connections to the domain controllers that use insecure protocols.
On-Premises Migration Plan
Fabrikam plans to migrate all the existing servers and identifies the following migration requirements:
* Move the APP1 and APP2 virtual machines in the Chicago office to a new Hyper-V failover cluster named Cluster2 that will run Windows Server 2022.
* Cluster2 will contain two new nodes named HV3 and HV4.
* All virtual machine files will be stored on a Cluster Shared Volume (CSV).
* Migrate Archive1 to a new failover cluster named Cluster3 that will run Windows Server 2022.
* Cluster3 will contain two physical nodes named Node1 and Node2.
* The file shares on Cluster3 will be a failover cluster role in active-passive mode.
* Migrate all users, groups, and client computers from europe.fabrikam.com to corp.fabrikam.com.
* The migration will be performed by using the Active Directory Migration Tool (ADMT).
* A computer named ADMTcomputer will be deployed to the corp.fabrikam.com domain to run ADMT migration procedures.
* User accounts will retain their existing password.
* Migrate the data share from Fileserver1 to a new server named Fileserver2 that will run Windows Server
2022. After the migration, the data share must be accessible by using the existing UNC path.
Azure Migration Plan
Fabrikam plans to migrate some resources to Azure and identifies the following migration requirements:
* Create an Azure subscription named Sub1.
* Create an Azure virtual network named Vnet1.
* Use ExpressRoute to connect the Paris and Chicago offices to Vnet1.
* License all servers for Microsoft Defender for servers.
* Migrate APP3 and APP4 to Azure.
* Migrate the www.fabrikam.com website to an Azure App Service web app named WebApp1.
* Decommission WEB1 and WEB2.
DHCP Migration Plan
Fabrikam plans to replace DHCP1 with a new server named DHCP2 and identifies the following migration requirements:
* Ensure that DHCP2 provides the same IP addresses that are currently available from DHCP1.
* Prevent DHCP1 from servicing clients once services are enabled on DHCP2.
* Ensure that the existing leases and reservations are migrated.
質問 # 107
Which domain controller should be online to meet the technical requirements for DC4?
- A. DC1
- B. DC2
- C. DC3
正解:B
質問 # 108
You have two file servers named Server1 and Server2 that run Windows Server. Server1 contains a shared folder named Data. Data contains 10 TB of data.
You plan to decommission Server1.
You need to migrate the files from Data to a new shared folder on Server2. The solution must meet the following requirements:
* Ensure that share, file, and folder permissions are copied.
* After the initial copy occurs, ensure that changes in \\Server1\Data can be synced to the destination without initiating a full copy.
* Minimize administrative effort.
What should you use?
- A. azcopy
- B. xcopy
- C. Storage Migration Service
- D. Storage Replica
正解:C
解説:
Reference:
https://docs.microsoft.com/en-us/windows-server/storage/storage-migration-service/overview#why-use-storage-m
質問 # 109
You need to meet the technical requirements for Cluster2.
Which four actions should you perform in sequence before you can enable replication? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
正解:
解説:
Explanation
Text Description automatically generated
Reference:
https://docs.microsoft.com/en-us/azure/site-recovery/hyper-v-azure-tutorial
質問 # 110
Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the servers shown in the following table.
Server3 contains a share named Share1.
On Server1, DHCP has the following configurations:
Conflict detection attempts: 3
An IPv4 scope named Scope1 that has the following settings:
1.Address Pool: 172.16.10.100 - 172.16.10.130
2.Address Leases:
- 172.16.10.100 computer1.contoso.com
- 172.16.10.101 computer2.contoso.com
Reservations: 172.16.10.101 computer2.contoso.com
Policies: Policy1
You perform the following actions:
* On Server1, you run
Export-DhcpServer -File \\Server3\Share1\File1.xml.
* On Server2, you run
Import-DhcpServer -File \\Server3\Share1\File1.xml
-BackupPath \\Server3\Share1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Text Description automatically generated
Reference:
https://docs.microsoft.com/en-us/powershell/module/dhcpserver/export-dhcpserver?view=windowsserver2022-p
https://docs.microsoft.com/en-us/powershell/module/dhcpserver/import-dhcpserver?view=windowsserver2022-p
質問 # 111
You have an Azure virtual machine named VM1.
You install an application on VM1, and then restart the virtual machine.
After the restart, you get the following error message: "Boot failure. Reboot and Select proper Boot Device or Insert Boot Media in selected Boot Device." You need to mount the operating system disk offline from VM1 to a temporary virtual machine to troubleshoot the issue.
Which command should you run in Azure CLI?
- A. az vm disk attach
- B. az vm capture
- C. az vm repair create
- D. az vm boot-diagnostics enable
正解:C
解説:
Reference:
https://docs.microsoft.com/en-us/cli/azure/vm/repair?view=azure-cli-latest
質問 # 112
You have a server that runs Windows Server.
You plan to back up the server to an Azure Recovery Services vault once per week starting on the next Saturday.
You need to schedule the weekly backup and perform the initial backup as soon as possible.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer are and arrange them in the correct order.
正解:
解説:
Explanation
Text Description automatically generated with medium confidence
Reference:
https://docs.microsoft.com/en-us/azure/backup/install-mars-agent#download-the-mars-agent
https://docs.microsoft.com/en-us/azure/backup/backup-windows-with-mars-agent
質問 # 113
You have an on-premises IIS web server that hosts a web app named Appl. You plan to migrate App1 to a container and run the container in Azure. You need to perform the following tasks:
* Export App1 to a ZIP file.
* Create a container image based on Appl.
The solution must minimize administrative effort.
正解:
解説:
質問 # 114
You need to meet the technical requirements for Cluster3.
What should you include in the solution?
- A. Add a failover cluster role.
- B. Configure a fault domain doe the cluster.
- C. Add a Windows Server server role.
- D. Enable integration services on all the virtual machines.
正解:A
解説:
The Hyper-V replica broker role is required on the cluster.
Reference:
https://docs.microsoft.com/en-us/virtualization/community/team-blog/2012/20120327-why-is-the-hyper-v-replica-broker-required
質問 # 115
You have a server that runs Windows Server and has the Web Server (IIS) server role installed. Server1 hosts a single website that has the following configurations:
* Is accessible by using a URL of https://www.contoso.com:8443 and has an SSL certificate that was issued by a third-party certification authority (CA) in the Microsoft Trusted Root Program
* Uses anonymous authentication
* Was developed by using PHP
You plan to use APP Service Migration Assistant to migrate the website to Azure App Service.
You need to migrate the website. The solution must minimize the number of changes made to the existing website.
What should you do manually to ensure that the website migration is successful? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
解説:
Explanation
Graphical user interface, text, application Description automatically generated
Reference:
https://docs.microsoft.com/en-us/learn/modules/migrate-app-service-migration-assistant/3-understand-assessmen
https://docs.microsoft.com/en-us/learn/modules/migrate-app-service-migration-assistant/5-understand-migration
質問 # 116
Your company uses Storage Spaces Direct.
You need to view the available storage in a Storage Space Direct storage pool.
What should you use?
- A. System Configuration
- B. the Get-ScorageFileServer cmdlet
- C. Failover Cluster Manager
- D. File Server Resource Manager (FSRM)
正解:C
解説:
Explanation
If Failover Cluster Manager, select the Storage Space Direct storage pool. The information displayed in the main window includes the free space and used space.
質問 # 117
......
最新のAZ-801学習ガイド2025年最新の- 提供するのはテストエンジンとPDF:https://www.goshiken.com/Microsoft/AZ-801-mondaishu.html
お手軽に合格させる最新のMicrosoft AZ-801問題集には159問があります:https://drive.google.com/open?id=1utuodNEekuQyeQCS4Aj5yWjUaWrFMsa8