Your network contains an Active Directory forest. The forest contains two domains named contoso.com and
fabrikam.com. The functional level of the forest is Windows Server 2003.
You have a domain outside the forest named adatum.com.
You need to configure an access solution to meet the following requirements:
* Users in adatum.com must be able to access resources in contoso.com.
* Users in adatum.com must be prevented from accessing resources in fabrikam.com.
* Users in both contoso.com and fabrikam.com must be prevented from accessing resources in adatum.com.
What should you create?
A.
a one-way realm trust from contoso.com to adatum.com
B.
a one-way realm trust from adatum.com to contoso.com
C.
a one-way external trust from contoso.com to adatum.com
D.
a one-way external trust from adatum.com to contoso.com
Explanation:
The contoso domain must trust the adatum domain.
Note: In a One-way: incoming trust, users in your (trusted) domain can be authenticated in the other (trusting)
domain. Users in the other domain cannot be authenticated in your domain.
Incorrect:
Not A, not B. Use realm trusts to form a trust relationship between a non-Windows Kerberos realm and a
Windows Server domain.
Not D. The resources that are to be shared are in the contoso domain.
Trust types