Which three authentication methods should you provide f…

You manage an Active Directory Domain Services (AD DS) domain. Your company plans to move all of its
resources to Office 365.
You must implement Active Directory Federation Services (AD FS). You place all internet-facing servers on a
perimeter network.
You need to ensure that intranet and extranet users are authenticated before they access network resources.
Which three authentication methods should you provide for extranet users? Each correct answer presents a
complete solution.
NOTE: Each correct selection is worth one point.

You manage an Active Directory Domain Services (AD DS) domain. Your company plans to move all of its
resources to Office 365.
You must implement Active Directory Federation Services (AD FS). You place all internet-facing servers on a
perimeter network.
You need to ensure that intranet and extranet users are authenticated before they access network resources.
Which three authentication methods should you provide for extranet users? Each correct answer presents a
complete solution.
NOTE: Each correct selection is worth one point.

A.
Windows Integrated Authentication using Negotiate for NTLM

B.
Windows Integrated Authentication using Negotiate for Kerberos

C.
Authentication with RADIUS

D.
Forms Authentication using username and passwords

E.
Certificate Authentication using certificates mapped to user accounts in AD DS

Explanation:
https://authenticationfactor.wordpress.com/2014/06/18/adfs-3-0-playing-with-authentication/
https://authenticationfactor.wordpress.com/2014/06/18/adfs-3-0-playing-with-authentication/

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

Gita

Gita

I think answers are A, D y E, they are asking for extranet users:

“For extranet access, the following authentication mechanisms are supported:

Forms authentication using usernames and passwords
Certificate authentication using certificates that are mapped to user accounts in AD DS
Windows Integrated Authentication using Negotiate (NTLM only) for WS-Trust endpoints that accept Windows Integrated Authentication

Reply

Zembek

Zembek

I agree, my skillpipe 346 course notes state the following:

Authentication requirements

In most AD FS deployments, the primary authentication method for the relying party in a federated trust is AD DS authentication. For intranet access, the following standard authentication mechanisms for AD DS are supported:

Windows Integrated Authentication using the Negotiate option, which include Kerberos & NTLM

Forms Authentication using usernames and passwords

Certificate authentication using certificates mapped to user accounts in AD DS

For extranet access, the following authentication mechanisms are supported:

Forms authentication using usernames and passwords

Certificate authentication using certificates that are mapped to user accounts in AD DS

Windows Integrated Authentication using Negotiate (NTLM only) for WS-Trust endpoints that accept Windows Integrated Authentication

Reply

jreach

jreach

I also think it’s A,D,and E.

Reply