AZ-800 · Question #103
AZ-800 Question #103: Real Exam Question with Answer & Explanation
The correct answer is D: Enable Selective authentication for the trust.. Selective authentication restricts access over an external or forest trust to only those users in a trusted domain or forest who have been explicitly given authentication permissions to computer objects (resource computers) residing in the trusting domain or forest. This authenti
Question
Your network contains an Active Directory Domain Services (AD DS) forest named contoso.com. The forest root domain contains a server named server1.contoso.com. A two-way forest trust exists between the contoso.com forest and an AD DS forest named fabrikam.com. The fabrikam.com forest contains 10 child domains. You need to ensure that only the members of a group named fabrikam\Group1 can authenticate to server1.contoso.com. What should you do first?
Options
- AChange the trust to a one-way external trust.
- BAdd fabrikam\Group1 to the local Users group on server1.contoso.com.
- CEnable SID filtering for the trust.
- DEnable Selective authentication for the trust.
Explanation
Selective authentication restricts access over an external or forest trust to only those users in a trusted domain or forest who have been explicitly given authentication permissions to computer objects (resource computers) residing in the trusting domain or forest. This authentication setting must be manually enabled. Note: When a two way Forest Trust is created between Forest A and Forest B, all domains in Forest A will trust all domains in Forest B and vice versa.
Topics
Community Discussion
No community discussion yet for this question.