ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 41 discussion

Actual exam question from Microsoft's MS-100
Question #: 41
Topic #: 3
[All MS-100 Questions]

Your network contains an on-premises Active Directory forest.
You are evaluating the implementation of Microsoft 365 and the deployment of an authentication strategy.
You need to recommend an authentication strategy that meets the following requirements:
✑ Allows users to sign in by using smart card-based certificates
✑ Allows users to connect to on-premises and Microsoft 365 services by using SSO
Which authentication strategy should you recommend?

  • A. password hash synchronization and seamless SSO
  • B. federation with Active Directory Federation Services (AD FS)
  • C. pass-through authentication and seamless SSO
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Federation with Active Directory Federation Services (AD FS) is required to allow users to sign in by using smart card-based certificates.

Federated authentication -
When you choose this authentication method, Azure AD hands off the authentication process to a separate trusted authentication system, such as on-premises
Active Directory Federation Services (AD FS), to validate the user's password.
The authentication system can provide additional advanced authentication requirements. Examples are smartcard-based authentication or third-party multifactor authentication.
Reference:
https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn
by HLBJani at May 12, 2020, 11:28 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jhill777
Highly Voted 5 years, 1 month ago
Smartcard is the key word.
upvoted 22 times
...
[Removed]
Highly Voted 4 years, 11 months ago
Answer: B Explanation References: Federation with Active Directory Federation Services (AD FS) is required to allow users to sign in by using smart card-based certificates. Federated authentication When you choose this authentication method, Azure AD hands off the authentication process to a separate trusted authentication system, such as on-premises Active Directory Federation Services (AD FS), to validate the user's password. The authentication system can provide additional advanced authentication requirements. Examples are smartcard-based authentication or third-party multifactor authentication. Reference: https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn
upvoted 17 times
...
Solo96
Most Recent 2 years, 2 months ago
A is more valid now. Password hash and seamless SSO supports Smart cards: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn#comparing-methods
upvoted 1 times
...
NHaikes
2 years, 11 months ago
Link needs to be updated: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn#comparing-methods
upvoted 2 times
...
Carlo5
4 years ago
Update the reference link: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
upvoted 1 times
...
mkoprivnj
4 years, 6 months ago
B for sure! ctfalci
upvoted 3 times
...
HLBJani
5 years, 1 month ago
Right link: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel