Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-802) Practice Test

This certification is designed for IT professionals who administer Windows Server as a workload in hybrid environments—both on-premises and in Azure. Relevant job roles include system administrators, infrastructure engineers, identity and access administrators, network engineers, security engineers, support engineers, and technology managers who are responsible for Windows Server operations at their organizations. Candidates typically collaborate with architects and cloud engineers on hybrid deployments.

Ideal candidates will have several years of hands-on experience with Windows Server operating systems and should be comfortable working across on-premises Active Directory, Azure IaaS virtual machines, and hybrid connectivity scenarios. Those who previously held the Windows Server Hybrid Administrator Associate certification via AZ-800 and AZ-801 can maintain their credential through the standard annual renewal assessment rather than sitting the full AZ-802 exam.

Microsoft does not enforce formal prerequisites for AZ-802, but candidates are strongly recommended to have several years of practical experience administering Windows Server in enterprise environments before attempting the exam. Foundational knowledge of Active Directory Domain Services, Group Policy, DNS, DHCP, and Windows Server networking is essential, as these topics form a significant portion of the exam content.

Familiarity with Azure fundamentals—particularly Azure IaaS, Azure Arc, Microsoft Entra ID (formerly Azure Active Directory), and hybrid connectivity concepts—is also expected. Candidates without prior Azure exposure may benefit from first earning the Microsoft Azure Fundamentals (AZ-900) certification or completing relevant Microsoft Learn learning paths. Hands-on experience with tools such as Windows Admin Center, PowerShell remoting, and Hyper-V is strongly recommended, as many exam questions are scenario-based and require applied knowledge.

AZ-802 is an associate-level exam administered through Pearson VUE, available via online proctoring or at an authorized testing center. The exam has a time limit of 100 minutes (approximately 120 minutes total with pre-exam administrative tasks) and contains approximately 40–60 scored questions. A passing score of 700 out of 1000 is required. The exam uses a scaled scoring model, meaning 700 does not equate directly to 70% correct answers.

Question types include single-answer multiple choice, multiple-response, drag-and-drop, hotspot (active screen), and yes/no scenario-based questions. The exam is available in English, with localized versions typically released approximately eight weeks after the English version. Candidates whose preferred language is unavailable may request an additional 30 minutes. Microsoft recommends registering with a personal Microsoft account (MSA) rather than an organizational account to ensure exam records are permanently retained. A free exam sandbox is available at aka.ms/examdemo to familiarize candidates with the interface before exam day.

• 1.Deploy and manage Active Directory Domain Services (AD DS) in on-premises and cloud environments (30–35%): Covers deploying and managing domain controllers on-premises and in Azure (including RODCs), configuring multi-site/multi-domain/multi-forest environments, managing AD DS trusts and replication, creating and managing users and service accounts, implementing hybrid identities via Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync, and managing Group Policy in both AD DS and Microsoft Entra Domain Services.
• 2.Manage Windows Servers and workloads in a hybrid environment (10–15%): Covers configuring Windows Admin Center (on-premises and in Azure), PowerShell remoting including Just Enough Administration (JEA) and second-hop scenarios, SSH and RDP remote access, Azure Arc-enabled server management via the Azure Connected Machine Agent, Azure Machine Configuration, VM extensions, Azure Update Manager, and Azure Automation runbooks.
• 3.Manage virtual machines and containers (15–20%): Covers Hyper-V VM management including checkpoints, memory, integration services, GPU partitioning, guarded fabric, and shielded VMs; Hyper-V networking including NIC Teaming and virtual switches; creating and managing Windows Server container images and instances; configuring Windows Subsystem for Linux for containers; Azure Kubernetes Service (AKS) on Windows Server; and managing Windows Server VMs on Azure including JIT VM access, Azure Bastion, availability sets, and VM scale sets.
• 4.Implement and manage an on-premises and hybrid networking infrastructure (15–20%): Covers DNS integration with AD DS, DNS zones, forwarding, DNSSEC, Azure DNS Private Resolver, IPAM, DHCP configuration and high availability, the Remote Access role, Azure Network Adapter, Azure Extended Network, Network Policy and Access Services (NPAS), Web Application Proxy, site-to-site VPN, Azure Relay, Microsoft Entra Private Access, and Microsoft Entra Application Proxy.
• 5.Manage storage and file services (15–20%): Covers creating and managing Azure File Shares including permissions, Azure File Sync configuration and monitoring, DFS migration to Azure File Sync, Windows Server file share configuration via FSRM and BranchCache, SMB over QUIC, Storage Spaces, Storage Replica, Data Deduplication, SMB Direct, Storage QoS, iSCSI, and file system configuration.
• 6.Secure Windows Server on-premises and hybrid infrastructures: Covers securing Windows Server using Microsoft Defender for Cloud, Microsoft Defender for Identity, Azure Policy, and security baselines; implementing privileged access workstations; configuring Windows Firewall and Azure network security; and managing certificate services and PKI in hybrid environments.
• 7.Implement and manage Windows Server high availability, disaster recovery, migration, and monitoring: Covers Failover Clustering, cluster sets, and stretch clusters; Azure Site Recovery for Windows Server workloads; Storage Replica for disaster recovery; server and workload migration to Azure using Azure Migrate; and monitoring Windows Server environments using Azure Monitor, Azure Monitor Agent, and Log Analytics.

• Use the official Microsoft Learn study guides for AZ-800 and AZ-801 as your primary content baseline—since AZ-802 consolidates both exams, these study guides collectively define the full scope of skills measured. Pay close attention to domain percentage weights to prioritize study time, especially AD DS (30–35%).
• Take the free Practice Assessments on Microsoft Learn for both AZ-800 and AZ-801 (linked directly from their exam pages) to identify knowledge gaps before sitting AZ-802. These assessments use question styles representative of the actual exam.
• Build hands-on labs using a hybrid environment: set up a Windows Server VM with Hyper-V, install and configure Windows Admin Center, connect the VM to Azure via Azure Arc, and practice key tasks like configuring Microsoft Entra Connect Sync, creating Azure File Sync endpoints, and testing failover with Azure Site Recovery.
• Study Windows Admin Center deeply—it is a central management tool referenced across multiple exam domains (remote management, Azure hybrid services, Hyper-V management, storage). Practice deploying it both on-premises and as an Azure-hosted gateway.
• Review the Microsoft Exam Readiness Zone videos on Microsoft Learn (search for 'AZ-800 Exam Readiness Zone') as these are produced by Microsoft and aligned to specific exam skill areas, particularly helpful for hybrid identity and networking topics.
• Focus on Microsoft Entra hybrid identity scenarios: understand the difference between Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync, when to use Microsoft Entra Domain Services vs. on-premises AD DS, and how staged rollout and password hash sync work—these are consistently tested scenarios.
• For the beta exam period, register early via Pearson VUE to take advantage of the typical 80% beta discount. After passing, expect a delay of 6–8 weeks before your score is reported, as beta exam results are processed after a sufficient candidate pool is collected.

Earning the Windows Server Hybrid Administrator Associate credential positions professionals for roles such as Windows Server Administrator, Hybrid Cloud Administrator, Infrastructure Engineer, and Systems Engineer in organizations that maintain on-premises Windows Server environments alongside Azure workloads. These roles are consistently in demand across enterprise IT departments, government agencies, healthcare, and financial services. As organizations pursue hybrid cloud strategies rather than full cloud migration, Windows Server expertise with Azure integration skills remains highly valuable and difficult to automate away.

According to industry salary surveys, Windows Server administrators with hybrid cloud skills and Microsoft certifications typically earn between $85,000 and $130,000 annually in the United States, depending on experience, location, and scope of responsibility. Compared to cloud-only certifications such as AZ-104 (Azure Administrator), this certification differentiates candidates who can manage the full hybrid lifecycle—on-premises Active Directory, hybrid networking, and Azure IaaS—making it particularly valuable for mid-to-large enterprises where full datacenter retirement is not imminent. The credential renews annually via a free, unproctored online assessment on Microsoft Learn, keeping certified professionals current with platform updates.