You deploy an Active Directory Federation Services (AD FS) Federation Service Proxyon a server
named Server1.
You need to configure the Windows Firewall on Server1 to allow external users to authenticate by using
AD FS.
Which inbound TCP port should you allowon Server1?

A.
88

B.
135

C.
443

D.
445

Explanation:
http://technet.microsoft.com/en-us/library/adfs2-troubleshooting-things-to-check%28v=ws.10%29.aspx
Things to Check Before Troubleshooting AD FS 2.0
Verify router, firewall, and HTTP proxy configurations
In addition to verifying network connectivity, you may also have to verify that any routers, firewalls, or HTTP
proxies in your network (or any routers, firewalls,or HTTP proxies that your federation partner is using) have
been configured properly to support Web applications and protocols required with AD FS 2.0. For example,
Web applications can require both TCP port exceptions to be enabled for HTTP and HTTPS traffic using
Secure Sockets Layer (SSL). To ensure that the exceptions are configured appropriately, you may have to
verify that the default TCP port numbers (80 for HTTP and 443 for HTTPS), which typically allow Web
traffic, are in use. Also, check to see whether alternate TCP port numbers have been configured in anypart of
the network route between the client computer and all server computers that are involved. If alternateTCP port
numbers are configured for Web application protocols, you may have to update your AD FS 2.0 deploymentso
that federation server and federation server proxy computers can support the alternate TCP ports.