Which authentication mode and site collection URL shoul…

###BeginCaseStudy###

Testlet 1
Topic 5, Contoso
Background
You are the SharePoint server administrator for Contoso, Ltd. Contoso has a SharePoint 2010 environment hosted on SharePoint Online and a separate onpremises SharePoint 2010 farm. You are preparing to upgrade the environments to newer versions of SharePoint. You are also planning to support a hybrid onpremises/cloud deployment that will be available to customers, partners, and third-party vendors.
Contoso collaborates with a partner company, Tailspin Toys, on multiple projects.
Technical Environment
All user groups reside in the existing Active Directory Domain Services (AD DS) domain corp.contoso.com.
The existing SharePoint Online environment is configured as follows:
The SharePoint Online URL assigned by Microsoft is http://contoso.sharepoint.com.
The SharePoint Online Administration Center URL is https://contoso-admin.sharepoint.com.
The user name for the Contoso Office 365 administrator is [email protected].
An existing line-of-business application provides an OData service that is hosted in Microsoft Windows Azure SQL Database.
The site collections are described in the following table.

Business Requirements
The upgraded SharePoint environments must meet the following business requirements:
All SharePoint 2013 features must be available to all users when connecting from inside or outside of the corporate network.
Users of the Partner Projects site collection must be able to share content from their Microsoft Outlook clients and receive content from external users who
send email directly to the site.
The Corporate Projects site collection must be available to internal users who connect from outside of the corporate network and must not require a VPN
connection.
Third-party vendors must be able to read and modify documents.
Technical Requirements
You must meet the following technical requirements:
Before upgrading the Partner Projects site collection, create a duplicate, upgraded copy of the site for review and verification purposes.
Use Active Directory Federation Services (AD FS) 2.0 to authenticate Contoso employees, partners, and customers.

Automate the sign-in experience by using the local AD FS 2.0 servers for AD FS single sign-on (SSO).
Ensure that a web usage report that contains traffic reports, search reports, and inventory reports can be provided for any site.
The upgraded SharePoint environments must meet the following technical requirements:
All user profile information that resides in Active Directory must be available in SharePoint Online.
All sites must be able to share a mail-enabled document library that resides in the cloud.
The existing line-of-business application must be consumed as an external content type by using Microsoft Business Connectivity Services (BCS).
The Partner Projects site collection must allow Contoso and Tailspin Toys users to share documents with third-party vendors on an ad-hoc basis, without incurring
additional licensing requirements.

###EndCaseStudy###

DRAG DROP
You need to provide access to the Corporate Projects site collection to remote internal users.
Which authentication mode and site collection URL should you use? (To answer, drag the appropriate answer choices to the correct location or locations in the
answer area. Each answer choice may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

Select and Place:

###BeginCaseStudy###

Testlet 1
Topic 5, Contoso
Background
You are the SharePoint server administrator for Contoso, Ltd. Contoso has a SharePoint 2010 environment hosted on SharePoint Online and a separate onpremises SharePoint 2010 farm. You are preparing to upgrade the environments to newer versions of SharePoint. You are also planning to support a hybrid onpremises/cloud deployment that will be available to customers, partners, and third-party vendors.
Contoso collaborates with a partner company, Tailspin Toys, on multiple projects.
Technical Environment
All user groups reside in the existing Active Directory Domain Services (AD DS) domain corp.contoso.com.
The existing SharePoint Online environment is configured as follows:
The SharePoint Online URL assigned by Microsoft is http://contoso.sharepoint.com.
The SharePoint Online Administration Center URL is https://contoso-admin.sharepoint.com.
The user name for the Contoso Office 365 administrator is [email protected].
An existing line-of-business application provides an OData service that is hosted in Microsoft Windows Azure SQL Database.
The site collections are described in the following table.

Business Requirements
The upgraded SharePoint environments must meet the following business requirements:
All SharePoint 2013 features must be available to all users when connecting from inside or outside of the corporate network.
Users of the Partner Projects site collection must be able to share content from their Microsoft Outlook clients and receive content from external users who
send email directly to the site.
The Corporate Projects site collection must be available to internal users who connect from outside of the corporate network and must not require a VPN
connection.
Third-party vendors must be able to read and modify documents.
Technical Requirements
You must meet the following technical requirements:
Before upgrading the Partner Projects site collection, create a duplicate, upgraded copy of the site for review and verification purposes.
Use Active Directory Federation Services (AD FS) 2.0 to authenticate Contoso employees, partners, and customers.

Automate the sign-in experience by using the local AD FS 2.0 servers for AD FS single sign-on (SSO).
Ensure that a web usage report that contains traffic reports, search reports, and inventory reports can be provided for any site.
The upgraded SharePoint environments must meet the following technical requirements:
All user profile information that resides in Active Directory must be available in SharePoint Online.
All sites must be able to share a mail-enabled document library that resides in the cloud.
The existing line-of-business application must be consumed as an external content type by using Microsoft Business Connectivity Services (BCS).
The Partner Projects site collection must allow Contoso and Tailspin Toys users to share documents with third-party vendors on an ad-hoc basis, without incurring
additional licensing requirements.

###EndCaseStudy###

DRAG DROP
You need to provide access to the Corporate Projects site collection to remote internal users.
Which authentication mode and site collection URL should you use? (To answer, drag the appropriate answer choices to the correct location or locations in the
answer area. Each answer choice may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

Select and Place:

Answer:

Explanation:
Box 1: DirectAccess authentication
Box 2: Path-based site collections
Scenario:
Automate the sign-in experience by using the local AD FS 2.0 servers for AD FS single sign-on (SSO).
Use Active Directory Federation Services (AD FS) 2.0 to authenticate Contoso employees, partners, and customers.
Ensure that a web usage report that contains traffic reports, search reports, and inventory reports can be provided for any site.
DirectAccess authenticates the computer before the user logs on. Typically, computer authentication grants access only to domain controllers and DNS servers.
After the user logs on, DirectAccess authenticates the user, and the user can connect to any resources he or she is authorized to access.
DirectAccess supports standard user authentication using a computer certificate and user account name and password credentials.
DirectAccess supports standard user authentication using a computer certificate and user account name and password credentials. For greater security, you can
implement additional authorization with smart cards. This type of configuration allows users to access Internet resources without their smart cards, but requires a
smart card before users can connect to intranet resources. A user must insert a smart card in addition to typing his or her user credentials. Smart card authorization
prevents an attacker who acquires a user’s password (but not the smart card) from accessing the intranet. Similarly, an attacker who acquires the smart card but
does not know the user’s password does not have access.
When smart cards are required for end-to-end authentication, you must use Active DirectoryDomain Services (AD DS) in Windows Server 2008 R2.
Microsoft SharePoint supports both path-based and host-named site collections. The primary difference between path-based and host-named site collections is that
all path-based site collections in a Web application share the same host name (DNS name), and each host-named site collection in a Web application is assigned a
unique DNS name.
Path-based site collections example:
http://www.company.com/sites/cust1
http://www.company.com/sites/cust2
http://www.company.com/sites/cust3

Host-named site collections example:
http://cust1.company.com
http://cust2.company.com
E4 Ben:E7 Willa:E4 Guru:E8 TestKing:Q44 GreatExam:Q49
Fighter/DonDatta/Tos:



Leave a Reply 0

Your email address will not be published. Required fields are marked *