PrepAway - Latest Free Exam Questions & Answers

Your company has an Office 365 subscription that is configured for single sign-on (SSO) to an on-premises depl

Your company has an Office 365 subscription that is configured for single sign-on (SSO) to an on-premises deployment of Active Directory.

Office 2016 is deployed to all workstations. Microsoft OneDrive for Business is

used to replicate My Documents to OneDrive for Business.

You need to ensure that when clients connect to Office 365 from an untrusted network, they can access Office 365 resources by using a web browser.

Which two actions should you perform? Each correct

answer presents part of the solution.

A. Modify the Sharing settings for SharePoint Online.

B. Disable modern authentication.

C. Add a claims provider trust.

D. Add a relying party trust.

E. Add a new rule.

Explanation:

B: In Skype for Busi

ness Server 2015, Modern Authentication is used between on-premises clients and on-premises servers in order to give users a proper level of authorization to resources.

C: A Claims Provider trust is one where ADFS gets claims from the Claim Provider, whic

h could be the local AD as Claims Provider or an external Claims Provider.


Leave a Reply

PrepAway - Latest Free Exam Questions & Answers

Your company has an Office 365 subscription that is configured for single sign-on (SSO) to an on-premises depl

Your com

pany has an Office 365 subscription that is configured for single sign-on (SSO) to an on-premises deployment of Active Directory.

After a security breach, management at the company decides that only clients from the internal corporate network can be authe

nticated by using Active Directory Federation Services (AD FS).

You need to configure AD FS to prevent external clients from being authenticated by using AD FS.

What should you add in AD FS?

A. a claims provider trust

B. a relying party trust

C. a claim

rule

D. a non-claims-aware relying party trust

Explanation:

Access control in AD FS is implemented with issuance authorization claim rules that are used to issue a permit or deny claims that will determine whether a user or a group of users wil

l be allowed to access AD FS-secured resources or not. Authorization rules can only be set on relying party trusts. So you need to add a relying party trust to AD FS.

References: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ma

nage-risk-with-conditional-access-control


Leave a Reply