ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-103 All Questions

View all questions & answers for the AZ-103 exam
Go to Exam

Exam AZ-103 topic 14 question 2 discussion

Actual exam question from Microsoft's AZ-103
Question #: 2
Topic #: 14
[All AZ-103 Questions]

You need to recommend an identity solution that meets the technical requirements.
What should you recommend?

  • A. Pass-through Authentication and single sign-on (SSO)
  • B. password hash synchronization and single sign-on (SSO)
  • C. federated single sign-on (SSO) and Active Directory Federation Services (AD FS)
  • D. cloud-only user accounts
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Azure Active Directory (Azure AD) Pass-through Authentication allows users to sign in to both on-premises and cloud-based applications using the same passwords. When users sign in using Azure AD, this feature validates users' passwords directly against your on-premises Active Directory. On-premises passwords are never stored in the cloud in any form.
Scenario: Technical Requirements include:
Prevent user passwords or hashes of passwords from being stored in Azure.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta
by Cloudyuga at May 18, 2020, 7:11 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Cloudyuga
Highly Voted 5 years, 1 month ago
A is Correct answers organizations wanting to enforce their on-premises Active Directory security and password policies, can choose to use Pass-through Authentication https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta
upvoted 15 times
...
ExamTopics_Yeti
Highly Voted 4 years, 11 months ago
This article was helpful for me https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
upvoted 8 times
...
tashakori
Most Recent 1 year, 3 months ago
A is right
upvoted 1 times
...
GeoTan
4 years, 2 months ago
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-hybrid-identity see the table there.
upvoted 1 times
...
oooMooo
4 years, 6 months ago
Nevermind! B will not work "Prevent user passwords or hashes of passwords from being stored in Azure." Thus it has to be A.
upvoted 1 times
...
oooMooo
4 years, 6 months ago
Why not B: password hash synchronization and single sign-on (SSO)?
upvoted 1 times
...
Thi
4 years, 7 months ago
A. Pass-through Authentication and single sign-on (SSO)
upvoted 1 times
...
d19network
4 years, 11 months ago
I believe it is C Consideration - Where does authentication happen? 1. Password hash synchronization + Seamless SSO 2. Pass-through Authentication + Seamless SSO 3. Federation with AD FS 1. In the cloud 2. In the cloud after a secure password verification exchange with the on-premises authentication agent 3.On-premises
upvoted 2 times
Fala_Fel
4 years, 11 months ago
Question states "Minimize administrative effort whenever possible" ADFS requires much more admin effort than answer A. Pass-through Authentication and single sign-on (SSO) So best answer is A
upvoted 6 times
...
...
markgray2
5 years ago
Why not C, using ADFS?
upvoted 4 times
fh
4 years, 12 months ago
basib baglama!
upvoted 2 times
smithyt
4 years, 11 months ago
you generally would use ADFS if you have a requirement for authentication that cannot not be met using PTA
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel