X

AZ-800 / Q9 / MS

Exam
Microsoft AZ-800
Answer confirmed
Microsoft Learinng Path Questions
Question

Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with a Microsoft Entra tenant.

You need to ensure that when an on-premises user signs in to Microsoft Entra, the authentication request is validated by an on-premises AD DS domain controller. The solution must minimize administrative effort.

What should you enable?

Proposed answer

federation with Active Directory Federation Services (AD FS)
federation with PingFederate
pass-through authentication
password hash synchronization 

Correct answer

pass-through authentication

  • Incorrect - Federation with AD FS is incorrect because, while authentication is processed, on-premises administrative effort is high.
  • Incorrect - Federation with PingFederate is incorrect, because while authentication is processed, on-premises administrative effort is high.
  • Correct - Pass-through authentication is correct because authentication is processed on-premises AD DS with low administrative effort.
  • Incorrect - Password hash synchronization is incorrect because authentication is processed in Microsoft Entra and has low administrative effort.

Implement Seamless Single Sign-On - Training | Microsoft Learn

Related exam questions

AZ-800 / Q3 / T1

You have an on premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.

AZ-800 / Q11 / T1

Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com. The domain contains the objects shown in the following table.

AZ-800 / Q14 / T1

Which optional feature should you select in Azure AD Connect?

AZ-800 / Q39 / T1

Your on-premises network contains an Active Directory domain named contoso.com. You have an Azure AD tenant.

AZ-800 / Q41 / T1

Your network contains an on-premises Active Directory Domain Services (AD DS) domain named contoso.com that syncs with an Azure AD tenant.

AZ-800 / Q42 / T1

Your on-premises network contains an Active Directory Domain Services (AD DS) domain.

You plan to sync the domain with an Azure AD tenant by using Azure AD Connect cloud sync.

AZ-800 / Q48 / T1

You have an on-premises Active Directory Domain Services (AD DS) domain that syncs with Azure AD.

You deploy an app that adds custom attributes to the domain.

AZ-800 / Q54 / T1

Your on-premises network contains a single-domain Active Directory Domain Services (AD DS) forest. You have an Azure AD tenant named contoso.com. The

AZ-800 / Q65 / T1

Which Microsoft Entra Connect feature should you use for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

AZ-800 / Q9 / MS

Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with a Microsoft Entra tenant.