Contoso Ltd. uses Office 365 for collaboration. You are implementing Active Directory Federation Services (AD
FS) for single sign-on (SSO) with Office 365 services. The environment contains an Active Directory domain
and an AD FS federation server.
You need to ensure that the environment is prepared for the AD FS setup.
Which two actions should you perform? Each correct answer presents part of the solution.

A.
Configure Active Directory to use the domain contoso.com.

B.
Configure Active Directory to use the domain contoso.local.

C.
Create a server authentication certificate for the federation server by using fs.contoso.com as the subject
name and subject alternative name.

D.
Create a server authentication certificate for the federation server by using fs.contoso.local as the subject
name and subject alternative name.

Explanation:
A: The domain we want to federate must be registered as a public internet domain with a domain registrar or
within our own public DNS servers. We cannot use contoso.local as it is not routable outside of the intranet.
C: The Subject Name of the SSL certificate must match the names used in the AD FS configuration. The
default sub-domain for AD FS is fs. As we use contoso.com as the domain, we are probably using
fs,contoso.com as the AD FS name and we must also use it in the subject name for the certificate.