Microsoft AZ-800 Exam Questions

To run a container on SRV1 using the mcrmicrosoft.com/windows/servercofe/iis image, publish port 80 on the container to port 5001 on SRV1, and ensure it runs in the background, you can follow these steps:

Step 1: Pull the IIS Image First, pull the correct IIS image from the Microsoft Container Registry:

docker pull mcr.microsoft.com/windows/servercore/iis

Step 2: Run the Container Next, run the container with the required port mapping and ensure it runs in the background using the -d flag:

docker run -d -p 5001:80 --name iis_container mcr.microsoft.com/windows/servercore/iis

This command will start a container named iis_container using the IIS image, map port 80 inside the container to port 5001 on SRV1, and run the container in detached mode.

Step 3: Verify the Container is Running To verify that the container is running and the port is published, use the following command:

docker ps

This will list all running containers and show the port mappings.

Step 4: Access the IIS Server You can now access the IIS server running in the container by navigating to http://<SRV1_IP>:5001 in a web browser, where <SRV1_IP> is the IP address of SRV1.

Note: Ensure that Docker is installed on SRV1 and that the port 5001 is open on the firewall to allow incoming connections1.

By following these steps, you should be able to run the IIS container on SRV1 with the specified port mapping and have it running in the background. Please replace mcrmicrosoft.com/windows/servercofe/iis with the correct image name mcr.microsoft.com/windows/servercore/iis as shown in the commands above.

To ensure that all computers in the domain use DNSSEC to resolve names in the adatum.com zone, you'll need to configure both the DNS servers and the client computers. Here's how you can do it:

Step 1: Sign the adatum.com Zone First, you need to sign the adatum.com DNS zone. This can be done using the DNS Manager or PowerShell. Here's a PowerShell example:

Add-DnsServerSigningKey -ZoneName 'adatum.com' -CryptoAlgorithm RsaSha256

Set-DnsServerDnsSecZoneSetting -ZoneName 'adatum.com' -DenialOfExistence NSEC3 -NSEC3Parameters 1,0,10,''

This will add a signing key and configure DNSSEC for the zone with NSEC3 parameters.

Step 2: Configure DNS Servers Ensure that your DNS servers are configured to support DNSSEC. This includes setting up trust anchors for the zones that you want to validate and configuring the DNS servers to provide DNSSEC validation for DNS queries.

Step 3: Configure DNS Clients For DNSSEC validation to occur on the client side, the client computers must be configured to trust the DNS server's validation process. This typically involves configuring the client's DNS settings to point to a DNS server that supports DNSSEC.

Step 4: Validate Configuration You can validate that DNSSEC is working correctly by using tools like nslookup or dig to query DNS records and check for the presence of DNSSEC signatures in the responses.

Note: The exact steps may vary depending on your environment and the version of Windows Server you are using. Ensure that you have the appropriate administrative rights to make these changes and that you test the configuration in a controlled environment before deploying it domain-wide12.

By following these steps, you should be able to ensure that all computers in your domain use DNSSEC to resolve names in the adatum.com zone.

To run a container on SRV1 using the mcrmicrosoft.com/windows/servercofe/iis image, publish port 80 on the container to port 5001 on SRV1, and ensure it runs in the background, you can follow these steps:

Step 1: Pull the IIS Image First, pull the correct IIS image from the Microsoft Container Registry:

docker pull mcr.microsoft.com/windows/servercore/iis

Step 2: Run the Container Next, run the container with the required port mapping and ensure it runs in the background using the -d flag:

docker run -d -p 5001:80 --name iis_container mcr.microsoft.com/windows/servercore/iis

This command will start a container named iis_container using the IIS image, map port 80 inside the container to port 5001 on SRV1, and run the container in detached mode.

Step 3: Verify the Container is Running To verify that the container is running and the port is published, use the following command:

docker ps

This will list all running containers and show the port mappings.

Step 4: Access the IIS Server You can now access the IIS server running in the container by navigating to http://<SRV1_IP>:5001 in a web browser, where <SRV1_IP> is the IP address of SRV1.

Note: Ensure that Docker is installed on SRV1 and that the port 5001 is open on the firewall to allow incoming connections1.

By following these steps, you should be able to run the IIS container on SRV1 with the specified port mapping and have it running in the background. Please replace mcrmicrosoft.com/windows/servercofe/iis with the correct image name mcr.microsoft.com/windows/servercore/iis as shown in the commands above.

One possible solution to ensure that a DHCP scope named scope1 on SRV1 can service client requests is to activate the scope on the DHCP server. A scope must be activated before it can assign IP addresses to DHCP clients. To activate a DHCP scope on SRV1, perform the following steps:

On SRV1, openDNS Managerfrom theAdministrative Toolsmenu or by typingdnsmgmt.mscin the Run box.

In the left pane, expand your DHCP server and click onIPv4.

In the right pane, right-click on the scope that you want to activate, such asscope1, and selectActivate.

Wait for the scope to be activated. You can verify the activation status by checking the icon next to the scope name. A green arrow indicates that the scope is active, while a red arrow indicates that the scope is inactive.

Now, the DHCP scope named scope1 on SRV1 can service client requests and lease IP addresses to DHCP clients. You can test the DHCP service by using theipconfig /renewcommand on a DHCP client computer that is connected to the same subnet as the scope.

One possible solution to ensure that you can manage DC1 by using Windows Admin Center on SRV1 is to install Windows Admin Center on SRV1 and add DC1 as a managed server. Windows Admin Center is a web-based management tool that allows you to manage servers, clusters, Windows PCs, and Azure virtual machines (VMs) from a single interface. Here are the steps to install Windows Admin Center on SRV1 and add DC1 as a managed server:

On SRV1, open a web browser and go to the folder named \dc1.contoso.com\install. Download the Windows Admin Center installer file (WindowsAdminCenter.msi) and save it to a local folder, such as C:\Temp.

Run the Windows Admin Center installer file and follow the installation wizard. You can choose to install Windows Admin Center as a desktop app or as a service. For more information on how to install Windows Admin Center, seeInstall Windows Admin Center.

After the installation is complete, launch Windows Admin Center from the Start menu or the desktop shortcut. If you installed Windows Admin Center as a service, you can access it from a web browser by using the URL https://localhost:6516 or https://<SRV1>:6516, where <SRV1> is the name or IP address of SRV1.

On the Windows Admin Center dashboard, clickAddto add a new connection. SelectServeras the connection type and enter the name or IP address of DC1 in the Server name field. Optionally, you can specify the display name, description, and tags for the connection. ClickSubmitto add DC1 as a managed server.

On the Windows Admin Center dashboard, you should see DC1 listed under the Servers section. Click on DC1 to open the server overview page. From here, you can manage various aspects of DC1, such as roles and features, certificates, devices, events, files, firewall, processes, registry, services, and more. For more information on how to use Windows Admin Center to manage servers, seeManage servers with Windows Admin Center.

Now, you can manage DC1 by using Windows Admin Center on SRV1. You can also add more servers or other types of connections to Windows Admin Center and manage them from the same interface