AZ-800 · Question #133
AZ-800 Question #133: Real Exam Question with Answer & Explanation
The correct answer is A: Enable Pass-through authentication.. {"question_number": 9, "correct_answer": "A", "explanation": "Pass-through Authentication (PTA) authenticates users by forwarding credential validation to the on-premises Active Directory in real time via a lightweight agent. No password hashes or passwords are ever stored in Azu
Question
Your organization uses a hybrid identity model for accessing both Azure-based and on-premises services. The Azure Active Directory Connect (Azure AD Connect) sync service is running on a dedicated server in your on-premises network; however, it has been decided that Active Directory (AD) passwords should not be stored in any form in the cloud. You need to enable this using the Azure AD Connect application. What should you do?
Options
- AEnable Pass-through authentication.
- BDelete user identities in Azure AD for your organization.
- CEnable password hash synchronization.
- DSelect Do not configure in the User sign-in options.
Explanation
{"question_number": 9, "correct_answer": "A", "explanation": "Pass-through Authentication (PTA) authenticates users by forwarding credential validation to the on-premises Active Directory in real time via a lightweight agent. No password hashes or passwords are ever stored in Azure AD or the cloud, satisfying the requirement that AD passwords must not be stored in any form in the cloud. Password Hash Synchronization (option C) is the opposite - it synchronizes a hash of the password hash to Azure AD, which means a derived form of the password IS stored in the cloud. Option B (deleting user identities) would break authentication entirely. Option D (Do not configure) leaves authentication unconfigured, which is not a functional solution.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.