SIMULATION
Task 5
You have an application that is copied to a folder named C:\app on SRV1. C:\app also contains also a Dockerfile for the app.
On SRV1. you need to create a container image for the application by using the Dockerfile. The container image mutt be named app1.
Explore
To create a container image named app1 for your application using the Dockerfile in the C:\app directory on SRV1, follow these steps:
Step 1: Open PowerShell or Command Prompt First, open PowerShell or Command Prompt on SRV1.
Step 2: Navigate to the Application Directory Change to the directory where your application and Dockerfile are located:
cd C:\app
Step 3: Build the Container Image Use the docker build command to create the container image. The -t flag tags the image with the name app1:
docker build -t app1 .
The period . at the end of the command tells Docker to use the Dockerfile in the current directory.
Step 4: Verify the Image Creation After the build process completes, verify that the image app1 has been created successfully by listing all images:
docker images
You should see app1 in the list of images.
Step 5: Use the Image Now, you can use the image app1 to run containers or push it to a container registry if needed.
SIMULATION
Task 7
You need to monitor the security configuration of DC1 by using Microsoft Defender for Cloud.
The required source files are located in a folder named \\dc1.contoso.com\install.
One possible solution to monitor the security configuration of DC1 by using Microsoft Defender for Cloud is to use the Guest Configuration feature. Guest Configuration is a service that audits settings inside Linux and Windows virtual machines (VMs) to assess their compliance with your organization's security policies. You can use Guest Configuration to monitor the security baseline settings for Windows Server in the Microsoft Defender for Cloud portal by following these steps:
On DC1, open a web browser and go to the folder named \dc1.contoso.com\install. Download the Guest Configuration extension file (GuestConfiguration.msi) and save it to a local folder, such as C:\Temp.
After the installation is complete, sign in to the Microsoft Defender for Cloud portal (2).
In the left pane, selectSecurity Centerand thenRecommendations.
In the recommendations list, find and selectVulnerabilities in security configuration on your Windows machines should be remediated (powered by Guest Configuration).
To view the details of the security configuration of DC1, click on the VM name and then selectView details. You can see the list of rules that apply to DC1 and their compliance status. You can also see the severity, description, and remediation steps for each rule. For example, you can see if DC1 has the latest security updates installed, if the firewall is enabled, if the password policy is enforced, and so on.
To monitor the security configuration of DC1 over time, you can use theCompliance over timechart, which shows the trend of compliance status for DC1 in the past 30 days. You can also use theCompliance breakdownchart, which shows the distribution of compliance status for DC1 by rule severity.
By using Guest Configuration, you can monitor the security configuration of DC1 by using Microsoft Defender for Cloud and ensure that it meets your organization's security standards. You can also use Guest Configuration to monitor the security configuration of other Windows and Linux VMs in your Azure environment.
SIMULATION
Task 8
You need to create an Active Directory Domain Services (AD DS) site named Site2 that is associated to an IP address range of 192.168.2.0 to 192.168.2.255.
To create an AD DS site named Site2 that is associated to an IP address range of 192.168.2.0 to 192.168.2.255, you can follow these steps:
On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, openActive Directory Sites and Servicesfrom theAdministrative Toolsmenu or by typingdssite.mscin the Run box.
In the left pane, right-click onSitesand selectNew Site.
In the left pane, right-click onSubnetsand selectNew Subnet.
In theNew Object - Subnetdialog box, enter192.168.2.0/24as thePrefixof the subnet. This notation represents the IP address range of 192.168.2.0 to 192.168.2.255 with a subnet mask of 255.255.255.0. SelectSite2as theSite objectto associate the subnet with, and clickOK.
Wait for the changes to replicate to other domain controllers. You can verify the site and subnet creation by checking theSitesandSubnetscontainers in Active Directory Sites and Services.
Now, you have created an AD DS site named Site2 that is associated to an IP address range of 192.168.2.0 to 192.168.2.255. You can add domain controllers to the new site and configure the site links and site link bridges to optimize the replication topology.
SIMULATION
Task 9
You plan to create group managed service accounts (gMSAs).
You need to configure the domain to support the creation of gMSAs.
To configure the domain to support the creation of gMSAs, you need to perform the following steps:
On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open PowerShell as an administrator and run the following command to install the Active Directory module:
Install-WindowsFeature -Name RSAT-AD-PowerShell
Run the following command to create a Key Distribution Service (KDS) root key, which is required for generating passwords for gMSAs. You only need to do this once per domain:
Add-KdsRootKey -EffectiveImmediately
SIMULATION
Task 10
You need to configure Hyper-V to ensure that running virtual machines can be moved between SRV1 and SRV2 without downtime.
You do NOT need to move any virtual machines at this time.
One possible solution to configure Hyper-V to ensure that running virtual machines can be moved between SRV1 and SRV2 without downtime is to use Live Migration. Live Migration is a feature of Hyper-V that allows you to move a running virtual machine from one host to another without any noticeable interruption of service. To set up Live Migration between SRV1 and SRV2, you need to perform the following steps:
On both SRV1 and SRV2, openHyper-V Managerfrom theAdministrative Toolsmenu or by typingvirtmgmt.mscin the Run box.
In the left pane, right-click on the name of the server and selectHyper-V Settings.
In theHyper-V Settingsdialog box, selectLive Migrationsin the navigation pane.
Check the boxEnable incoming and outgoing live migrations.
UnderAdvanced Features, you can optionally enable theUse any available network for live migrationoption, which allows Hyper-V to use any available network adapter on the source and destination servers for live migration. If you do not enable this option, you need to specify one or more network adapters to be used for live migration by clicking on theAddbutton and selecting the network adapter from the list. You can also change the order of preference by using theMove UpandMove Downbuttons.
ClickOKto apply the settings.
Now, you have configured Hyper-V to enable live migration between SRV1 and SRV2. You can use Hyper-V Manager or Windows PowerShell to initiate a live migration of a running virtual machine from one server to another.
Cammy
10 days agoZona
13 days agoPaulina
21 days agoBrock
25 days agoNohemi
27 days agoGlory
1 months agoRoselle
1 months agoStevie
2 months agoClaudia
2 months agoAlecia
3 months agoCecilia
4 months agoXochitl
4 months agoKenny
5 months ago