ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 4 question 11 discussion

Actual exam question from Microsoft's MS-100
Question #: 11
Topic #: 4
[All MS-100 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company plans to deploy several Microsoft Office 365 services.
You need to design an authentication strategy for the planned deployment. The solution must meet the following requirements:
✑ Users must be able to authenticate during business hours only.
✑ Authentication requests must be processed successfully if a single server fails.
✑ When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in.
✑ Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically.
Solution: You design an authentication strategy that contains a pass-through authentication model. You install an Authentication Agent on three servers and configure seamless SSO.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
This solution meets all the requirements:
✑ Users must be able to authenticate during business hours only. (This can be configured by using Logon Hours in Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)
✑ Authentication requests must be processed successfully if a single server fails. (We have Authentication Agents running on three servers)
When the password for an on-premises user account expires, the new password must be enforced the next time the user signs in. (This can be configured in

Active Directory. Pass-through authentication passes authentication to the on-premise Active Directory)
✑ Users who connect to Office 365 services from domain-joined devices that are connected to the internal network must be signed in automatically. (This goal is met by seamless SSO)
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn
by One111 at Dec. 27, 2022, 6:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jimboski
2 years, 3 months ago
Selected Answer: A
I think A is correct. The question is not asking or SSPR or password writeback to be enabled or supported.
upvoted 1 times
...
One111
2 years, 6 months ago
Selected Answer: B
Give configuration doesn't have password writeback and self-service password reset enabled. You can't fulfill all requirements. Adfs which th update password endpoint enabled will do it and multiple PtA agents with password writeback, sspr and synced password Expiration also will do it. Lot's of missing requirements.
upvoted 2 times
vanr2000
2 years, 2 months ago
What are you saying? PTA doesn't need password writeback, everything is managed locally.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel