ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 172 discussion

Actual exam question from Microsoft's MS-102
Question #: 172
Topic #: 1
[All MS-102 Questions]

Your on-premises network contains an Active Directory domain.

You have a Microsoft 365 E5 subscription.

You plan to implement a hybrid configuration that has the following requirements:

• Minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources
• Supports the use of Azure AD Identity Protection

You need to configure Azure AD Connect to support the planned implementation.

Which two options should you select? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

  • A. Password Hash Synchronization
  • B. Password writeback
  • C. Directory extension attribute sync
  • D. Enable single sign-on
  • E. Pass-through authentication
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by Vincent1966 at Sept. 13, 2023, 3:07 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
poesklap
Highly Voted 1 year, 8 months ago
Selected Answer: AD
A. Password Hash Synchronization: This option minimizes the number of times users are prompted for credentials when they access Microsoft 365 resources by synchronizing password hashes to Azure AD. D. Enable single sign-on: This option helps minimize the number of times users are prompted for credentials by providing single sign-on capabilities. Options B (Password writeback), C (Directory extension attribute sync), and E (Pass-through authentication) do not directly address the specific requirements mentioned in the scenario. So, the correct options are A and D.
upvoted 9 times
Bouncy
1 year, 5 months ago
Correct answer, wrong explanation. A. PHS fullfills the requirements for "Supports the use of Azure AD Identity Protection" and specifically its Leaked Credential Protection feature. This is unrelated to SSO
upvoted 10 times
...
...
AleFCI1908
Most Recent 9 months, 2 weeks ago
AD - correct
upvoted 1 times
...
Tomtom11
10 months, 4 weeks ago
Selected Answer: AD
https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sso Microsoft Entra seamless single sign-on (Microsoft Entra seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Microsoft Entra ID, and usually, even type in their usernames. This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components. Seamless SSO can be combined with either the Password Hash Synchronization or Pass-through Authentication sign-in methods. Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
upvoted 3 times
...
Paul_white
1 year, 9 months ago
ANSWER IS A & D
upvoted 3 times
...
Vincent1966
1 year, 10 months ago
A and C: Best practice: Turn on password hash synchronization. Detail: Password hash synchronization is a feature used to synch user password hashes from an on-premises Active Directory instance to a cloud-based Azure AD instance. This sync helps to protect against leaked credentials being replayed from previous attacks. https://learn.microsoft.com/en-us/azure/security/fundamentals/identity-management-best-practices
upvoted 3 times
sergioandreslq
1 year, 8 months ago
And SSO reduces the number of times that the users need to ingress credentials.
upvoted 1 times
...
Vincent1966
1 year, 10 months ago
Must be A and D: SSO
upvoted 10 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel