ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 1 question 3 discussion

Actual exam question from Microsoft's AZ-500
Question #: 3
Topic #: 1
[All AZ-500 Questions]

Note: The question is included in a number of questions that depicts the identical set-up. However, every question has a distinctive result. Establish if the solution satisfies the requirements.
Your company has an Active Directory forest with a single domain, named weylandindustries.com. They also have an Azure Active Directory (Azure AD) tenant with the same name.
You have been tasked with integrating Active Directory and the Azure AD tenant. You intend to deploy Azure AD Connect.
Your strategy for the integration must make sure that password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant, and that the amount of necessary servers are reduced.
Solution: You recommend the use of federation with Active Directory Federation Services (AD FS).
Does the solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Rume at July 1, 2021, 2:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
trevax
Highly Voted 3 years, 8 months ago
- "password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant" → Federation or PTA - "the amount of necessary servers are reduced" → Federation > PTA > PHS (number of server) So the answer is PTA.
upvoted 18 times
Shahrezza
3 years, 7 months ago
Agreed answer is : PTA
upvoted 1 times
cometoit
3 years, 6 months ago
Agreed, while federation would force user logon limitations it would require minimum 4 servers (2 ADFS/2 WAP).
upvoted 1 times
...
...
...
LeDefatman
Highly Voted 3 years, 7 months ago
the phrase ...amount of necessary servers is reduced eliminate Federation as an answer choice.
upvoted 7 times
...
Tessy25
Most Recent 3 weeks, 2 days ago
Selected Answer: B
While federation with AD FS enforces real-time password policies, it increases server count, violating the "reduce number of servers" requirement
upvoted 1 times
...
stonwall12
2 months, 3 weeks ago
Selected Answer: B
Answer: B, No Reason: Federation with AD FS doesn't meet the requirement to reduce server count as it requires additional infrastructure including multiple AD FS servers and web application proxies for high availability. Reference: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/choose-ad-authn#federation-authentication-with-ad-fs
upvoted 1 times
...
Vaibhav39
4 months ago
Selected Answer: B
No password write back is needed
upvoted 1 times
...
rysano
9 months ago
the phrase ...amount of necessary servers is reduced eliminate Federation as an answer choice. Guide: https://sites.google.com/view/learnmicrosoftcomenustrainingm/home
upvoted 2 times
...
pentium75
9 months, 2 weeks ago
Selected Answer: B
No because ADFS does anything but 'reduce the amount of necessary servers'.
upvoted 1 times
...
Ruffyit
1 year, 1 month ago
A federated authentication system relies on an external trusted system to authenticate users. Some companies want to reuse their existing federated system investment with their Azure AD hybrid identity solution. The maintenance and management of the federated system falls outside the control of Azure AD. It's up to the organization by using the federated system to make sure it's deployed securely and can handle the authentication load.
upvoted 2 times
...
ESAJRR
1 year, 10 months ago
Selected Answer: B
B. Answer is No
upvoted 1 times
...
zellck
2 years ago
Selected Answer: B
B is the answer. https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/choose-ad-authn#cloud-authentication What are the on-premises server requirements beyond the provisioning system: Azure AD Connect? Federation with AD FS - Two or more AD FS servers - Two or more WAP servers in the perimeter/DMZ network
upvoted 1 times
...
majstor86
2 years, 2 months ago
Selected Answer: B
B. Answer is No
upvoted 1 times
...
Fal991l
2 years, 2 months ago
the solution of using federation with Active Directory Federation Services (AD FS) meets the goal of integrating Active Directory and the Azure AD tenant while making sure that password policies and user logon limitations affect user accounts that are synced to the Azure AD tenant, and reducing the number of necessary servers. Federation with AD FS allows for a single sign-on (SSO) experience for users, where they can authenticate with their on-premises Active Directory credentials and gain access to resources in both the on-premises environment and in the cloud. This ensures that password policies and user logon limitations applied to on-premises Active Directory also apply to Azure AD.(ChatGPT)
upvoted 1 times
...
AZ5cert
2 years, 5 months ago
B. No AD FS will trust third party trusted domains across the enterprise for seamless authentication
upvoted 1 times
...
salmantarik
2 years, 5 months ago
The correct answer is B However, correct answer is SSO + PHS as it enforces two password policies (Password complexity policy and Password expiration policy also User Logon Restrictions) and it doesnt require any agents.
upvoted 1 times
...
God2029
2 years, 5 months ago
Can go with PTA and Standby PHS. Need to think of ADFS only when third party application authentication is required. Question doesn't speak about third-party apps. So you don't need ADFS.
upvoted 1 times
...
MarcusPlexus
2 years, 7 months ago
The 'correct answer' misses the point. You have recommended (in a badly stated fashion) 2 options: (1) PTA and (2) PHS with SSO. Option 2 does not care about your on prem settings, but option 1 does. Since you recommend both options and only one does the job, mission failed. This answer is incorrect (but not for the reason mentioned in 'correct answer').
upvoted 1 times
...
TheLegendPasha
3 years, 1 month ago
Selected Answer: B
Less server means instantly not federation.
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago