Your network contains an Active Directory forest. The forest contains two domains named
contoso.com and fabrikam.com. The functional level of the forest is Windows Server 2003.
You have a domain outside the forest named adatum.com.
You need to configure an access solution to meet the following requirements:
* Users in adatum.com must be able to access resources in contoso.com.
* Users in adatum.com must be prevented from accessing resources in fabrikam.com.
* Users in both contoso.com and fabrikam.com must be prevented from accessing resources in
adatum.com.
What should you create?
A.
a one-way realm trust from contoso.com to adatum.com
B.
a one-way realm trust from adatum.com to contoso.com
C.
a one-way external trust from contoso.com to adatum.com
D.
a one-way external trust from adatum.com to contoso.com
Explanation:
The contoso domain must trust the adatum domain.
Note: In a One-way: incoming trust, users in your (trusted) domain can be authenticated in the other
(trusting) domain. Users in the other domain cannot be authenticated in your domain.
Incorrect:
Not A, not B. Use realm trusts to form a trust relationship between a non-Windows Kerberos realm
and a Windows Server domain.
Not D. The resources that are to be shared are in the contoso domain.Trust types
simple. if u dont know this. dont do the exam.
1
0
Good job Kurt!
Try being more proactive and explain the answer rather than slinging open ended statements.
This is a test blog and not a “How the F*CK do I feel today” blog.
1
0
Triggered.
0
0
On a serious note, Kurt actually commented in a lot of questions with useful info. Kobain on the other hand…..
0
0
Enterprise Resource Planning
http://www.EgUY6RXpK6.com/EgUY6RXpK6
0
0
One way trusting domain -> trusted domain.
0
0
Answer is D
Contoso is site “A” and Adatum is site “B”.
You need to create a one-way external trust from site B to A. This will allow site B to access resources on site A. Site A will not be allowed to access site B resources until a two-way trust is created.
https://technet.microsoft.com/en-us/library/cc731404(v=ws.11).aspx
https://technet.microsoft.com/en-us/library/cc771568(v=ws.11).aspx
0
1
You actually need to create the external trust from the domain that’s providing the resource. In our case, adatum users need to access resources in contoso.
The given answer is correct.
0
0
This is one of those microsoft confusing terminologies!
To help me remember which direction access solution inclines I use:
“Trusting – Trusted” (my Access solution Formular! :))
Where:
Contoso domain(Trusting site) = Site with resources to be accessed and,
Adatum domain (Trusted site) = Site with security principles (e.g. users, computers and groups)
i.e. Contoso(Trusting)—->Adatum(Trusted)
So to create a one-way external trust from contoso I just use my default formula above.
That means if I create the one-way external trust from contoso to adatum, the sec-principles in Adatum will have access to resources in contoso.
3
0
Thanks Net-Ninja for easy explanation
0
0