Your network contains a perimeter network and an internal network. The internal network contains
an Active Directory Federation Services (AD FS) 2.1 infrastructure. The infrastructure uses Active
Directory as the attribute store.
Youplan to deploy a federation server proxy to a server named Server2 in the perimeter network.
Youneed to identify which value must be included in the certificate that is deployed to Server2.
What should you identify?
A.
The FQDN of the AD FS server
B.
The name of the Federation Service
C.
The name of the Active Directory domain
D.
The public IP address of Server2
Explanation:
Toadd a host (A) record to corporate DNS for a federation server
On a DNS server for the corporate network, open the DNS snap-in.
1. In the console tree, right-click the applicable forward lookup zone, and then click New Host (A).
2. In Name, type only the computer name of the federation server or federation server cluster (for
example, type fs for the fully qualified domain name (FQDN) fs.adatum.com).
3. In IP address, type the IP address for the federation server or federation server cluster (for
example, 192.168.1.4).
4. Click Add Host.
Add a host (A) record to corporate DNS for a federation server
http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx
Its B
It is important to verify that the subject name in the server authentication certificate matches the Federation Service name value that is specified in the AD FS Management snap-in. To locate this value, open the snap-in, right-click Service, click Edit Federation Service Properties, and then find the value in Federation Service name text box.
https://technet.microsoft.com/en-us/library/dd807054(v=ws.11).aspx
1
0
Agree with Bert. Is option B. The OP answer explanation is about DNS
0
0
Indeed, it’s B according to https://technet.microsoft.com/en-us/library/dd807054(v=ws.11).aspx
0
0
Answer A is correct
0
1
I cant relate explanations to the question, for me I see answer is B.
as explained in TechNet resources.
0
0
If somebody is confused, maybe other versions of 70-412 or 70-417 dumps will make it clear 🙂
https://www.aiotestking.com/microsoft/what-should-you-identify-43/
http://www.aiotestking.com/microsoft/what-should-you-identify-86/
https://www.aiotestking.com/microsoft/what-should-you-identify-61/
http://www.aiotestking.com/microsoft/what-should-you-identify-233/
0
0
Considering that there was a long discussion in all previous dupms (as well as in this one) I took some extra time to figure it out by myself.
And from what I read, I’m going with the answer B – the name of the Federation Service.
As seen in the below link under the “To configure a computer for the federation server proxy role” point 3. clearly said:
“On the Specify Federation Service Name page, under Federation Service name, type the name that represents the Federation Service for which this computer will act in the proxy role.”
https://docs.microsoft.com/sl-si/windows-server/identity/ad-fs/deployment/configure-a-computer-for-the-federation-server-proxy-role
0
0
According to the site you are referring to, you need to install the correct certificates first:
“After you configure a computer with the required certificates and have installed the Federation Service Proxy role service, you are ready to configure the computer to become a federation server proxy.”
The question was: what value should you include in the certificate. Your answer is about the configuration of the ADFS proxy server.
So, the given answer is correct: A.
0
1