ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 4 question 17 discussion

Actual exam question from Microsoft's MS-100
Question #: 17
Topic #: 4
[All MS-100 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest.
You deploy Microsoft 365.
You plan to implement directory synchronization.
You need to recommend a security solution for the synchronized identities. The solution must meet the following requirements:
✑ Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
✑ User passwords must be 10 characters or more.
Solution: Implement pass-through authentication and modify the password settings from the Default Domain Policy in Active Directory.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
This solution does not meet the following requirement:
✑ Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable.
This is because with pass-through authentication, the authentication is performed by the on-premise Active Directory.
This solution does meet the following requirement:
✑ User passwords must be 10 characters or more.
Configuring the Default Domain Policy in the on-premise Active Directory meets the requirement.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization
by wonap at April 17, 2021, 4:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Feyenoord
2 years, 3 months ago
Selected Answer: B
Password protection doesn't provide the ability to set a minimum required password length.
upvoted 1 times
Feyenoord
2 years, 3 months ago
That will be fixed by de Default domain policy. But because of PTA, the link cannot be down.
upvoted 1 times
...
...
Startkabels
2 years, 6 months ago
Selected Answer: B
B Passthrough routes all signins to onprem so tis does not meet the requirement that users need to be able to signin ti M365 when AD onprem becomes unavailable
upvoted 1 times
...
melatocaroca
4 years ago
Users must be able to authenticate successfully to Microsoft 365 services if Active Directory becomes unavailable, NO • Check to ensure that Active Directory is available and is responding to requests from the agents. User passwords must be 10 characters or more • Configuring the Default Domain Policy in the on-premise Active Directory meets the requirement. YES Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization https://docs.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-pass-through-authentication
upvoted 2 times
...
wonap
4 years, 2 months ago
should be yes?
upvoted 2 times
lucidgreen
4 years, 2 months ago
PTA requires on-prem AD to be available. So no.
upvoted 8 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel