Administering Windows Server Hybrid Core Infrastructure (AZ-800) Practice

Configuring a hypervisor for Windows Defender Credential Guard requires a Unified Extensible Firmware Interface (UEFI) lock because UEFI provides a secure environment at the firmware level to ensure that only trusted software is executed during the boot process. This secure booting mechanism is critical for preventing unauthorized access to sensitive components like Credential Guard, which relies on virtualization-based security. The UEFI lock prevents tampering with the boot process and ensures that the configurations necessary for the hypervisor to run securely are enforced from startup.

The other options do not play a direct role in enabling Windows Defender Credential Guard. For instance, while Server Core is a minimal installation option for Windows Server, it is not specifically required for Credential Guard. Cloud-based authentication pertains to modern identity services but does not influence the hypervisor's configuration. Machine learning capabilities, while they may enhance security solutions in different contexts, are not a prerequisite for setting up the hypervisor for Credential Guard. Thus, the correct requirement is the UEFI lock.