• Home
  • Microsoft
  • AZ-800: Administering Windows Server Hybrid Core Infrastructure

Microsoft AZ-800 Exam Dumps

Get All Administering Windows Server Hybrid Core Infrastructure Exam Questions with Validated Answers

AZ-800 Pack
Vendor: Microsoft
Exam Code: AZ-800
Exam Name: Administering Windows Server Hybrid Core Infrastructure
Exam Questions: 260
Last Updated: May 12, 2026
Related Certifications: Windows Server Hybrid Administrator Associate
Exam Tags: Cloud Certifications, Microsoft Azure Certifications, Infrastructure Certifications Intermediate Windows Server AdministratorsAzure Administrators
Gurantee
  • 24/7 customer support
  • Unlimited Downloads
  • 90 Days Free Updates
  • 10,000+ Satisfied Customers
  • 100% Refund Policy
  • Instantly Available for Download after Purchase

Get Full Access to Microsoft AZ-800 questions & answers in the format that suits you best

PDF Version

$40.00
$24.00
  • 260 Actual Exam Questions
  • Compatible with all Devices
  • Printable Format
  • No Download Limits
  • 90 Days Free Updates

Discount Offer (Bundle pack)

$80.00
$48.00
  • Discount Offer
  • 260 Actual Exam Questions
  • Both PDF & Online Practice Test
  • Free 90 Days Updates
  • No Download Limits
  • No Practice Limits
  • 24/7 Customer Support

Online Practice Test

$30.00
$18.00
  • 260 Actual Exam Questions
  • Actual Exam Environment
  • 90 Days Free Updates
  • Browser Based Software
  • Compatibility:
    supported Browsers

Pass Your Microsoft AZ-800 Certification Exam Easily!

Looking for a hassle-free way to pass the Microsoft Administering Windows Server Hybrid Core Infrastructure exam? DumpsProvider provides the most reliable Dumps Questions and Answers, designed by Microsoft certified experts to help you succeed in record time. Available in both PDF and Online Practice Test formats, our study materials cover every major exam topic, making it possible for you to pass potentially within just one day!

DumpsProvider is a leading provider of high-quality exam dumps, trusted by professionals worldwide. Our Microsoft AZ-800 exam questions give you the knowledge and confidence needed to succeed on the first attempt.

Train with our Microsoft AZ-800 exam practice tests, which simulate the actual exam environment. This real-test experience helps you get familiar with the format and timing of the exam, ensuring you're 100% prepared for exam day.

Your success is our commitment! That's why DumpsProvider offers a 100% money-back guarantee. If you don’t pass the Microsoft AZ-800 exam, we’ll refund your payment within 24 hours no questions asked.
 

Why Choose DumpsProvider for Your Microsoft AZ-800 Exam Prep?

  • Verified & Up-to-Date Materials: Our Microsoft experts carefully craft every question to match the latest Microsoft exam topics.
  • Free 90-Day Updates: Stay ahead with free updates for three months to keep your questions & answers up to date.
  • 24/7 Customer Support: Get instant help via live chat or email whenever you have questions about our Microsoft AZ-800 exam dumps.

Don’t waste time with unreliable exam prep resources. Get started with DumpsProvider’s Microsoft AZ-800 exam dumps today and achieve your certification effortlessly!

Free Microsoft AZ-800 Exam Actual Questions

Question No. 1

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the offices shown in the following table.

You need to deploy a Network Policy Server (NPS) named NPS1 to enforce network access policies for all remote connections.

What is the minimum number of RADIUS clients that you should add to NPS1?

Show Answer Hide Answer
Correct Answer: C

In the NPS/RADIUS section of Administering Windows Server Hybrid Core Infrastructure, a RADIUS client is defined as a network access server (NAS) such as a VPN server, wireless AP, or switch. The guide states: ''Each VPN server that forwards connection requests to NPS must be configured as a RADIUS client.'' User counts are irrelevant to the number of RADIUS clients; the determining factor is the number of NAS devices that send RADIUS messages to NPS. The table shows Boston: 2 VPN servers, Dallas: 2, Seattle: 4---for a total of 8 VPN servers. Therefore, to enforce policies for all remote connections through NPS1, you must add each of the eight VPN servers as a RADIUS client. Options reflecting user totals (180/188) are incorrect because users are authenticated via the NAS, not directly configured as clients in NPS.


Question No. 2

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant The on-premises network is connected to Azure by using a Site-to-Site VPN. You have the DNS zones shown in the following table.

You need to ensure that names from fabrikam.com can be resolved from the on-premises network Which two actions should you perform? Each correct answer presents part of the solution, NOTE: Each correct selection Is worth one point

Show Answer Hide Answer
Correct Answer: A, E

In hybrid name-resolution designs covered in Administering Windows Server Hybrid Core Infrastructure, Azure Private DNS does not support zone transfers and therefore you cannot host it on, or pull it into, on-premises DNS by using stub or secondary zones. The guidance states that when on-premises clients must resolve names that live in an Azure Private DNS zone, the recommended pattern is to place a DNS forwarder in Azure (typically a Windows Server VM running the DNS role) that can directly query the Azure resolver from inside the virtual network. Then, on-premises Windows DNS servers are configured with a conditional forwarder that forwards queries for the private zone's suffix to the Azure DNS forwarder over the VPN/ExpressRoute connection.

This achieves the following:

Keeps the authoritative zone in Azure Private DNS while making it reachable from on-premises.

Avoids unsupported mechanisms (no AXFR/IXFR available from Azure Private DNS, so stub and secondary zones won't work).

Uses least privilege and minimal change on both sides: add a DNS VM in Azure (E) and create a conditional forwarder on DC1 for fabrikam.com pointing to that VM's private IP (A).

Options B and C require zone transfers, which are not available from Azure Private DNS, and D (changing VNet DNS servers) affects Azure VMs' resolver settings but does not enable on-premises resolution of the Azure-hosted private zone.


Question No. 3

Your network contains a single-domain Active Directory Domain Services (AD DS) forest named conto.com. The forest contains the servers shown in the following exhibit table.

You plan to install a line-of-business (LOB) application on Server1. The application will install a custom windows services.

A new corporate security policy states that all custom Windows services must run under the context of a group managed service account (gMSA). You deploy a root key.

You need to create, configure, and install the gMSA that will be used by the new application.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Answer Hide Answer
Correct Answer: B, C

The AZ-800 objectives for securing Windows Server services with group Managed Service Accounts (gMSAs) specify a two-stage process: (1) Create the gMSA in AD DS, and (2) install (make usable) the gMSA on the member server that will run the service. The documentation outlines: first ensure a KDS root key is present (done), then on a domain controller run New-ADServiceAccount to create the gMSA, define SPNs as needed, and set PrincipalsAllowedToRetrieveManagedPassword to include the target server(s). Next, on each server that will use the account, install the account by running Install-ADServiceAccount, and then configure the Windows service to run under the gMSA (accountname$ with ''Service accounts'' logon). Running Install-ADServiceAccount on a DC is incorrect because the account must be installed on the workload host (Server1). Set-ADComputer is not required for gMSA deployment, and Get-ADServiceAccount merely queries objects and does not create or install them. Therefore, the correct actions are B (create the gMSA on DC1) and A (install the gMSA on Server1).


Question No. 4

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains the servers shown in the following table.

You need to ensure that from Server1, you can use Windows Admin Center to manage the DHCP Server role on Server2. What should you do first?

Show Answer Hide Answer
Correct Answer: B

Topic 5, Labs


Question No. 5

You have a server named Server1 that runs Windows Server.

You plan to host applications in Windows containers.

You need to configure Server1 to run containers. What should you install?

Show Answer Hide Answer
Correct Answer: C

In the Windows Server hybrid curriculum for AZ-800, running Windows containers on a Windows Server host requires enabling the Containers feature and installing a container runtime, specifically the Docker (Moby) engine. The guide explains that Windows Server supports two isolation modes---process and Hyper-V isolation---but in both cases you still need a Docker-compatible runtime to pull images, create, and manage containers. The materials emphasize: container functionality isn't provided by Windows Admin Center or WSL; Admin Center is only a management tool and WSL targets Linux user-space scenarios, not Windows container runtime services. Likewise, the Hyper-V role is optional and only needed if you choose Hyper-V isolation for containers; it is not, by itself, sufficient to run containers. Therefore, the required installation to ''configure Server1 to run containers'' is the Docker engine (often referred to in Microsoft's docs as Docker/Moby), after which you can pull Windows base images and run Windows containers on the host. This aligns with the prescribed steps: enable Containers feature install Docker configure isolation as needed deploy containerized apps.


Get All 260 Questions & Answers Explore Other Microsoft Exam Dumps

100%

Security & Privacy

10000+

Satisfied Customers

24/7

Committed Service

100%

Money Back Guranteed