ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-801 All Questions

View all questions & answers for the AZ-801 exam
Go to Exam

Exam AZ-801 topic 1 question 4 discussion

Actual exam question from Microsoft's AZ-801
Question #: 4
Topic #: 1
[All AZ-801 Questions]

DRAG DROP -
You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.
The AD DS domain contains a domain controller named DC1. DC1 does NOT have internet access.
You need to configure password security for on-premises users. The solution must meet the following requirements:
✑ Prevent the users from using known weak passwords.
✑ Prevent the users from using the company name in passwords.
What should you do? To answer, drag the appropriate configurations to the correct targets. Each configuration may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy
by Leocan at Dec. 22, 2022, 2:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BlackCat9588
2 months, 2 weeks ago
It should be correct. Install the Azure AD Passwoed Protection DC agent Install the Azure AD Password Protection proxy service Configure Azure AD Password Protection.
upvoted 3 times
...
starseed
7 months, 1 week ago
Correct answer
upvoted 2 times
...
RemmyT
8 months, 3 weeks ago
On DC1 : Install the Microsoft Entra Password Protection DC agent. On a member server : Install the Microsoft Entra Password Protection proxy service. In Azure : Configure Microsoft Entra Password Protection
upvoted 1 times
...
calotta1
1 year, 8 months ago
Correct answer!
upvoted 1 times
...
Techbiz
1 year, 8 months ago
The current answer is correct
upvoted 1 times
...
syu31svc
1 year, 12 months ago
Answer provided is correct and link given supports it
upvoted 3 times
...
kijken
2 years, 1 month ago
I would say first proxy then agent
upvoted 2 times
tfulanchan
2 years, 1 month ago
Disagree, see the link provided by wyindualizer: Machines where the Azure AD Password Protection DC agent software will be installed can run any supported version of Windows Server, including Windows Server Core editions. All machines where the Azure AD Password Protection proxy service will be installed must run Windows Server 2012 R2 or later, including Windows Server Core editions.
upvoted 3 times
...
...
wyindualizer
2 years, 2 months ago
https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/active-directory/authentication/howto-password-ban-bad-on-premises-deploy.md
upvoted 3 times
...
Leocan
2 years, 4 months ago
In Azure, configure Password protection -> Custom banned passwords. https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-configure-custom-password-protection
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago