Exam-Answer

Home / Microsoft / AZ-100 / Question 100

Prev Question
Next Question

Question 100

Your company is evaluating a hybrid identity management strategy for authenticating users accessing application hosted in Azure.

You have the following requirements:

* Users must be able to login to the Azure hosted applications using the same username and password as they use on-premises.

* Minimum additional infrastructure is needed to support the sign on mechanism.

* User accounts revoked on premises must be instantly revoked in Azure.

*A cloud based solution should be in place in the event of disaster recovery being invoked. This cloud based solution will not have the same restriction on instant user revocation.

You need to implement the identity management strategy.

Which two identity management solutions should you choose? Each correct answer presents part of the solution.

Answers



A B C D

Advertisement

Explanation

You should use Azure AD Pass-through Authentication to allow the support for instant account revocation and fall back to a cloud identity provider in the case of disaster recovery. When Azure AD Pass-through Authentication is not available, you can have it fall back to leveraging Azure AD Connect with Password Sync to support login.

You do not require ADFS in this scenario. Although it would support instant account revocation, it does not have a disaster recovery option for fall back to another provider.

Using cloud authentication would not meet the requirements. Cloud identities are not connected to on premises and cannot be revoked on premises. Cloud authentication also offers no failback capability in the event of a disaster.

References

Comments

Load more
Prev Question
Next Question