Microsoft AZ-800 Exam Questions

Explore

To create a container image named app1 for your application using the Dockerfile in the C:\app directory on SRV1, follow these steps:

Step 1: Open PowerShell or Command Prompt First, open PowerShell or Command Prompt on SRV1.

Step 2: Navigate to the Application Directory Change to the directory where your application and Dockerfile are located:

cd C:\app

Step 3: Build the Container Image Use the docker build command to create the container image. The -t flag tags the image with the name app1:

docker build -t app1 .

The period . at the end of the command tells Docker to use the Dockerfile in the current directory.

Step 4: Verify the Image Creation After the build process completes, verify that the image app1 has been created successfully by listing all images:

docker images

You should see app1 in the list of images.

Step 5: Use the Image Now, you can use the image app1 to run containers or push it to a container registry if needed.

By following these steps, you'll have created a Docker container image named app1 using the Dockerfile located in C:\app on SRV11. Ensure that Docker is installed on SRV1 and that you have the necessary permissions to execute these commands.

To run a container on SRV1 using the mcrmicrosoft.com/windows/servercofe/iis image, publish port 80 on the container to port 5001 on SRV1, and ensure it runs in the background, you can follow these steps:

Step 1: Pull the IIS Image First, pull the correct IIS image from the Microsoft Container Registry:

docker pull mcr.microsoft.com/windows/servercore/iis

Step 2: Run the Container Next, run the container with the required port mapping and ensure it runs in the background using the -d flag:

docker run -d -p 5001:80 --name iis_container mcr.microsoft.com/windows/servercore/iis

This command will start a container named iis_container using the IIS image, map port 80 inside the container to port 5001 on SRV1, and run the container in detached mode.

Step 3: Verify the Container is Running To verify that the container is running and the port is published, use the following command:

docker ps

This will list all running containers and show the port mappings.

Step 4: Access the IIS Server You can now access the IIS server running in the container by navigating to http://<SRV1_IP>:5001 in a web browser, where <SRV1_IP> is the IP address of SRV1.

Note: Ensure that Docker is installed on SRV1 and that the port 5001 is open on the firewall to allow incoming connections1.

By following these steps, you should be able to run the IIS container on SRV1 with the specified port mapping and have it running in the background. Please replace mcrmicrosoft.com/windows/servercofe/iis with the correct image name mcr.microsoft.com/windows/servercore/iis as shown in the commands above.

One possible solution to configure Hyper-V to ensure that running virtual machines can be moved between SRV1 and SRV2 without downtime is to use Live Migration. Live Migration is a feature of Hyper-V that allows you to move a running virtual machine from one host to another without any noticeable interruption of service. To set up Live Migration between SRV1 and SRV2, you need to perform the following steps:

On both SRV1 and SRV2, openHyper-V Managerfrom theAdministrative Toolsmenu or by typingvirtmgmt.mscin the Run box.

In the left pane, right-click on the name of the server and selectHyper-V Settings.

In theHyper-V Settingsdialog box, selectLive Migrationsin the navigation pane.

Check the boxEnable incoming and outgoing live migrations.

UnderAuthentication protocol, select the method that you want to use to authenticate the live migration traffic between the servers. You can choose eitherKerberosorCredSSP. Kerberos does not require you to sign in to the source server before starting a live migration, but it requires you to configure constrained delegation on the domain controller. CredSSP does not require you to configure constrained delegation, but it requires you to sign in to the source server through a local console session, a Remote Desktop session, or a remote Windows PowerShell session. For more information on how to configure constrained delegation, seeConfigure constrained delegation.

UnderPerformance options, select the option that best suits your network configuration and performance requirements. You can choose eitherTCP/IPorCompressionorSMB. TCP/IP uses a single TCP connection for the live migration traffic. Compression uses multiple TCP connections and compresses the live migration traffic to reduce the migration time and network bandwidth usage. SMB uses the Server Message Block (SMB) 3.0 protocol and can leverage SMB features such as SMB Multichannel and SMB Direct. For more information on how to choose the best performance option, seeChoose a live migration performance option.

UnderAdvanced Features, you can optionally enable theUse any available network for live migrationoption, which allows Hyper-V to use any available network adapter on the source and destination servers for live migration. If you do not enable this option, you need to specify one or more network adapters to be used for live migration by clicking on theAddbutton and selecting the network adapter from the list. You can also change the order of preference by using theMove UpandMove Downbuttons.

ClickOKto apply the settings.

Now, you have configured Hyper-V to enable live migration between SRV1 and SRV2. You can use Hyper-V Manager or Windows PowerShell to initiate a live migration of a running virtual machine from one server to another.

To create a GPO named GPO1 that only applies to a group named MemberServers, you can follow these steps:

On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, openGroup Policy Managementfrom theAdministrative Toolsmenu or by typinggpmc.mscin the Run box.

In the left pane, expand your domain and right-click onGroup Policy Objects. SelectNewto create a new GPO.

In theNew GPOdialog box, enterGPO1as theNameof the new GPO and clickOK. You can also optionally select a source GPO to copy the settings from.

Right-click on the new GPO and selectEditto open theGroup Policy Management Editor. Here, you can configure the settings that you want to apply to the group under theComputer ConfigurationandUser Configurationnodes. For more information on how to edit a GPO, seeEdit a Group Policy Object.

Close theGroup Policy Management Editorand return to theGroup Policy Managementconsole. Right-click on the new GPO and selectScope. Here, you can specify the scope of management for the GPO, such as the links, security filtering, and WMI filtering.

Under theSecurity Filteringsection, click onAuthenticated Usersand then click onRemove. This will remove the default permission granted to all authenticated users and computers to apply the GPO.

Click onAddand then type the name of the group that you want to apply the GPO to, such asMemberServers. ClickOKto add the group to the security filter. You can also click onAdvancedto browse the list of groups available in the domain.

Optionally, you can also configure theWMI Filteringsection to further filter the GPO based on the Windows Management Instrumentation (WMI) queries. For more information on how to use WMI filtering, seeFilter the scope of a GPO by using WMI filters.

To link the GPO to an organizational unit (OU) or a domain, right-click on the OU or the domain in the left pane and selectLink an Existing GPO. Select the GPO that you created, such asGPO1, and clickOK. You can also change the order of preference by using theMove UpandMove Downbuttons.

Wait for the changes to replicate to other domain controllers. You can also force the update of the GPO by using thegpupdate /forcecommand on the domain controller or the client computers. For more information on how to update a GPO, seeUpdate a Group Policy Object.

Now, you have created a GPO named GPO1 that only applies to a group named MemberServers. You can verify the GPO application by using thegpresult /rcommand on a member server and checking theApplied Group Policy Objectsentry. You can also use theGroup Policy Resultswizard in theGroup Policy Managementconsole to generate a report of the GPO application for a specific computer or user. For more information on how to use the Group Policy Results wizard, seeUse the Group Policy Results Wizard.