nerdexam
Microsoft

70-648 · Question #22

70-648 Question #22: Real Exam Question with Answer & Explanation

The correct answer is B. Create a relying party trust.. In order for App1 (on Server1) to authenticate against Server2, we need to make sure the right kind of trust is in place. A relying party trust allows an application to use a 2nd authentication server in the same domain (a relying party is where claims are sent after authenticati

Question

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the Active Directory Federation Services (AD FS) role installed. You have an application named App1 that is configured to use Server1 for AD FS authentication. You deploy a new server named Server2. Server2 is configured as an AD FS 2.0 server. You need to ensure that App1 can use Server2 for authentication. What should you do on Server2?

Options

  • AAdd an attribute store.
  • BCreate a relying party trust.
  • CCreate a claims provider trust.
  • DCreate a relaying provider trust.

Explanation

In order for App1 (on Server1) to authenticate against Server2, we need to make sure the right kind of trust is in place. A relying party trust allows an application to use a 2nd authentication server in the same domain (a relying party is where claims are sent after authentication has been done) A claims provider sends claims to a Federated Server, that is then passed on to relying party trusts. In this case, Server1 (which hosts App1) needs to be a relying party to Server2, so that Server2 can forward claims to it before the App is used. Attribute stores are used by applications to query for claim information.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 70-648 Practice