Your network contains an Active Directory domain named contoso.com.
Your company has an enterprise root certification authority (CA) named CA1.
You plan to deploy Active Directory Federation Services (AD FS) to a server named Server1.
The company purchases a Microsoft Office 365 subscription.
You plan to register the company’s SMTP domain for Office 365 and to configure single sign-on for
all users.
You need to identify which certificate or certificates are required for the planned deployment.
Which certificate or certificates should you identify? (Each correct answer presents a complete
solution. Choose all that apply.)
A.
a server authentication certificate that is issued by a trusted third-party root CA and that contains
the subject name serverl.contoso.com
B.
a server authentication certificate that is issued by CA1 and that contains the subject name
Server1
C.
a server authentication certificate that is issued by a trusted third-party root CA and that contains
the subject name Server1
D.
a server authentication certificate that is issued by CA1 and that contains the subject name
serverl.contoso.com
E.
self-signed server authentication certificates for server1.contoso.com
A and E. You need a third party cert to work with Office 365.
0
0
I think the answer may be A.
E is a self-signed server authentication certificate. Although AD FS does use self-signed certs, they are token-signing certs, not server authentication. Office 365 does not support anything but trusted third-party certs
0
0
Agree A only
0
0
You do NOT need a certificate from a third-party root CA for this. See link: http://blogs.technet.com/b/canitpro/archive/2015/09/11/step-by-step-setting-up-ad-fs-and-enabling-single-sign-on-to-office-365.aspx
Either D or E will work.
0
0
Agree with Billy
A is all that is needed.
E in this case would be server authentication, not token-signing.
0
0
dude – watch the video, in the first minute it says you need the third party cert
0
0
But in the video he is asking to use the 3rd party certificate and he himself is using godaddy!
0
0
Forget ALL these other links. Look here, its clear as day:
https://support.office.com/en-sg/article/Plan-for-third-party-SSL-certificates-for-Office-365-b48cdf63-07e0-4cda-8c12-4871590f59ce
The only answer is A.
Not B or C or D – A is required for AD FS… the rest are not required as they are either privately issued, or have a short/private UPN.
Not E – E refers to server authentication certificates, the requirements asks for a token-signing certificate. Token signing certificates are generated automatically and Microsoft recommends that we use the default certificate as it has the benefit of updating itself when it expires etc.
As fdmo said, in the exam there is actually only one choice. If there are two choices in the exam, then I imagine E would refer to a token-signing certificate which you may then select.
1
0
Just wanna remark on few general things, The website design is perfect, the written content is very excellent : D.
http://www.bastcilkdoptb.com/
0
1
Agree A is the only answer. http://www.aiotestking.com/microsoft/which-certificate-or-certificates-should-you-identify/
@Hermina Kisker, don’t spam!!
0
0
OH~~~
well done FSM~!
0
0