Special Offer! Black Friday + Cyber Monday Sale! Extra 20% OFF - Ends In Coupon code: HELLO20OFF
Increase your chances of passing the Microsoft AZ-801 exam questions on your first try. Practice with our free online AZ-801 exam mock test designed to help you prepare effectively and confidently.
You have an Azure subscription. The subscription contains a Microsoft Sentinel workspace named
Workspace1 and 100 virtual machines that run Windows Server.
You configure Workspace1 to collect logs from the virtual machines.
You need to query the collected logs for failed logon events.
Which table should you query?
Note: This question is part of a series of questions that present the same scenario. Each question in the
series contains a unique solution that might meet the stated goals. Some question sets might have more
than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.
Your network contains a single-domain Active Directory Domain Services (AD DS) forest named contoso.
com. The functional level of the forest is Windows Server 2012 R2. All domain controllers run Windows
Server 2012 R2.
Sysvol replicates by using the File Replication Service (FRS).
You plan to replace the existing domain controllers with new domain controllers that will run Windows
Server 2022.
You need to ensure that you can add the first domain controller that runs Windows Server 2022.
Solution: You run the Active Directory Migration Tool (ADMT).
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series
contains a unique solution that might meet the stated goals. Some question sets might have more than one
correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it as a result, these questions
will not appear in the review screen.
You have an on-premises server named Server1 that runs Windows Server.
You have a Microsoft Sentinel instance.
You add the Windows Firewall data connector in Microsoft Sentine1.
You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.
Solution: You install the Azure Connected Machine agent on Server1.
Does this meet the goal?
You have an Azure subscription that has Microsoft Defender for Cloud enabled.
You have 50 Azure virtual machines that run Windows Server.
You need to ensure that any security exploits detected on the virtual machines are forwarded to Defender for
Cloud.
Which extension should you enable on the virtual machines?
You have an Azure subscription. The subscription contains a virtual machine named VM1 that runs Windows Server. You enable Microsoft Defender for Servers Plan 2. You need to implement File Integrity Monitoring (FIM). What should you create first?
© Copyrights FreeMockExams 2025. All Rights Reserved
We use cookies to ensure that we give you the best experience on our website (FreeMockExams). If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the FreeMockExams.