Microsoft 70-346 Exam

Which three authentication methods should you provide for extranet users?

You manage an Active Directory Domain Services (AD DS) domain. Your company plans to move all of its resources to Office 365.
You must implement Active Directory Federation Services (AD FS). You place all internet-facing servers on a perimeter network.
You need to ensure that intranet and extranet users are authenticated before they access network resources.
Which three authentication methods should you provide for extranet users? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Windows Integrated Authentication using Negotiate for NTLM
  • B. Windows Integrated Authentication using Negotiate for Kerberos
  • C. Authentication with RADIUS
  • D. Forms Authentication using username and passwords
  • E. Certificate Authentication using certificates mapped to user accounts in AD DS
Answer: Option A. D. E.
Explanation:

For extranet access, the following authentication mechanisms are supported:
— Forms Authentication using username/passwords
— Certificate Authentication using certificates that are mapped to user accounts in AD DS
— Windows Integrated Authentication using Negotiate (NTLM only) for WS-Trust endpoints that accept Windows Integrated Authentication.
References:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/design/ad-fs-requirements

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker
error: Alert: Content is protected !!