AZ-800 / Q4 / T6

edykss

Highly Voted 2 years, 2 months ago 

Answer is correct.

upvoted 9 times 

MR_Eliot

Most Recent 1 year, 2 months ago 

Answer le correcto

upvoted 2 times 

syu31svc

1 year, 8 months ago 

https://learn.microsoft.com/en-us/azure/active-directory/authentication/media/concept-password-ban-bad-on-premises/azure-ad-password-protection.png

https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

On-premises deployment of Azure AD Password Protection uses the same global and custom banned password lists that are stored in Azure AD Answer is correct

upvoted 4 times 

Leocan

2 years ago 

VM1 and VM2 are connected to the Internet. The Azure AD Password Protection Proxy service runs on any domain-joined machine in the current AD DS forest. The service's primary purpose is to forward password policy download requests from DCs to Azure AD and then return the responses from Azure AD to the DC. 

https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises

upvoted 2 times 

Leocan

2 years ago 

On-premises deployment of Azure AD Password Protection uses the same global and custom banned password lists that are stored in Azure AD, and does the same checks for on-premises password changes as Azure AD does for cloud-based changes. Whenever an Azure AD Password Protection password policy is downloaded, that policy is specific to a tenant. In other words, password policies are always a combination of the Microsoft global banned-password list and the per-tenant custom banned-password list.

upvoted 2 times 

johosofat

2 years ago 

the Azure AD Password Protection Proxy- Runs any domain joined computer - serviceConnectionPoint - in AD The (all)DC Agent service is responsible to query and initiate the query- sends a password policy download request to the proxy service.

upvoted 3 times