Administering Windows Server Hybrid Core Infrastructure (AZ-800) Practice

Which service checks the validity of hosts in a guarded fabric?

• A. Active Directory Domain Services
• B. Hyper-V Manager
• C. Host Guardian Service
• D. Windows Server Manager

The correct answer is: Host Guardian Service

The Host Guardian Service is specifically designed to validate the integrity of host machines within a guarded fabric. This service plays a crucial role in a Host Guardian Service deployment by ensuring that only trusted hosts can participate in the fabric. It achieves this through a process that involves attestation, where the service evaluates the security state of hosts and determines whether they comply with specified policies. In a guarded fabric, security is paramount, and the Host Guardian Service ensures that only compliant hosts—those that meet the criteria established for security and trust—are allowed to host virtual machines. This validation process helps to protect against unauthorized access and ensures that the virtual machines operate in a secure environment. The other services mentioned do not specifically handle host validation in the context of a guarded fabric. For instance, Active Directory Domain Services plays a role in managing users and computers in a domain but does not focus on host integrity. Hyper-V Manager is a tool for managing Hyper-V virtual machines and does not perform validations of host security states. Similarly, Windows Server Manager is a management console for various server roles and does not provide the specific functionality for validating host integrity as the Host Guardian Service does.