You need to recommend an identity solution that meets the technical requirements.
What should you recommend?
You need to recommend an identity solution that meets the technical requirements.
What should you recommend?
Pass-through Authentication (PTA) and single sign-on (SSO) offer a solution where on-premises passwords are not stored in Azure in any form, meeting the requirement of preventing user passwords or hashes from being stored in the cloud. PTA enables users to authenticate against their on-premises Active Directory, which uses AD credentials directly without storing password hashes in Azure. This method also supports single sign-on, allowing users to have a seamless login experience. Additionally, it can incorporate multi-factor authentication (MFA) when users join devices to Azure Active Directory, using a mobile phone for identity verification. This approach also minimizes administrative effort by leveraging existing on-premises infrastructure.
correct since the req. is NOT to store passwords in the cloud.
And B is out because federation does not support MFA
C for correct Scenario: Prevent user passwords or hashes of passwords from being stored in Azure. Ensure that when users join devices to Azure Active Directory (Azure AD), the users use a mobile phone to verify their identity Minimize administrative effort whenever possible. Azure Active Directory (Azure AD) Pass-through Authentication allows your users to sign in to both on-premises and cloud-based applications using the same passwords. No password hashes are stored in Azure. Protects your user accounts by working seamlessly with Azure AD Conditional Access policies, including Multi-Factor Authentication (MFA), blocking legacy authentication and by filtering out brute force password attacks. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta
Correct
Today 19/11/21. No use case of this help platform appeared in my exam. Score 860.