Microsoft Exam AZ-801 Topic 2 Question 78 Discussion

Actual exam question for Microsoft's AZ-801 exam

Question #: 78
Topic #: 2

You have a server that runs Windows Server. The server is configured to encrypt all incoming traffic by using a connection security rule.

You need to ensure that Server1 can respond to the unencrypted tracert commands initiated from computers on the same network.

What should you do from Windows Defender Firewall with Advanced Security?

AFrom the IPsec Settings, configure IPsec defaults.

BCreate a new custom outbound rule that allows ICMPv4 protocol connections for all profiles.

CChange the Firewall state of the Private profile to Off.

DFrom the IPsec Settings, configure IPsec exemptions.

Show Suggested Answer

Suggested Answer: D

by Cyril at Jun 12, 2025, 01:35 AM

Limited Time Offer

25%

Off

Get Premium AZ-801 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Bethanie

9 days ago

Haha, turning off the firewall? Yeah, right, that's not the solution we're looking for here. Option D seems more promising.

upvoted 0 times

...

Keith

10 days ago

But wouldn't configuring IPsec exemptions from the IPsec Settings also achieve the same result?

upvoted 0 times

...

Judy

13 days ago

I agree with Kimbery. Allowing ICMPv4 protocol connections would enable Server1 to respond to unencrypted tracert commands.

upvoted 0 times

...

Eun

13 days ago

Option B sounds like the way to go. We need to allow unencrypted traffic for tracert, and creating a custom outbound rule for ICMPv4 should do the trick.

upvoted 0 times

Juliana

4 days ago

Option B sounds like the way to go. We need to allow unencrypted traffic for tracert, and creating a custom outbound rule for ICMPv4 should do the trick.

upvoted 0 times

...

Kimbery

18 days ago

I think we should create a new custom outbound rule that allows ICMPv4 protocol connections for all profiles.

upvoted 0 times

...