Which certificate or certificates should you identify?

Your network contains an Active Directory domain named adatum.com. The domain
contains a server named ADFS1.
You plan to deploy Active Directory Federation Services (AD FS) to ADFS1.
You plan to register the company’s SMTP domain for Office 365 and to configure single sign-on for all users.
You need to identify which certificate or certificates are required for the planned
deployment.

Which certificate or certificates should you identify? (Each correct answer presents a
complete solution. Choose all that apply.)

A.
a certificate that is issued by an internal certification authority and that contains the subject name ADFS1

B.
a certificate that is issued by an internal certification authority and that contains the subject name adfs1.adatum.com.

C.
a certificate that is issued by a trusted third-party root certification authority and that contains the subject name ADFS1

D.
self-signed certificates for adfs1.adatum.com

E.
a certificate that is issued by a trusted third-party root certification authority and that contains the subject name adfs1.adatum.com

Explanation:
Need to Check

E (not C, not D): Setting up AD FS requires the use of a third party SSL certificate. Make sure you match the certificate’s
subject name with the Fully Qualified Domain Name of the server.
Geek of All Trades: Office 365 SSO: A Simplified Installation Guide
https://technet.microsoft.com/en-us/magazine/jj631606.aspx