CV0-003 · Question #869
A systems administrator needs to integrate authentication with a partner so the employees of two companies can access the environment with control and management. Which of the following configuration
The correct answer is B. Federation Services. Federation Services establishes a cross-organizational trust relationship so that employees from two separate companies can authenticate using their own identity provider to access a shared environment.
Question
A systems administrator needs to integrate authentication with a partner so the employees of two companies can access the environment with control and management. Which of the following configuration types should the administrator execute in the authentication system?
Options
- ASingle sign-on
- BFederation Services
- CMultifactor authentication
- DKey management
How the community answered
(66 responses)- A5% (3)
- B86% (57)
- C2% (1)
- D8% (5)
Why each option
Federation Services establishes a cross-organizational trust relationship so that employees from two separate companies can authenticate using their own identity provider to access a shared environment.
Single sign-on allows a user to authenticate once and access multiple applications, but it does not establish the inter-organizational identity trust needed between two separate companies.
Federation Services - such as Active Directory Federation Services (ADFS) or SAML 2.0 federation - creates a trust between two identity providers belonging to different organizations, allowing each company's users to present their home-organization credentials and receive access tokens valid in the partner environment. This is the correct solution because it enables controlled, managed cross-organizational authentication without requiring duplicate accounts. The administrator configures a relying-party trust and claims rules to govern exactly what access is granted.
Multifactor authentication adds a second verification factor to logins but does not create a trust relationship or enable cross-organizational identity federation.
Key management covers the lifecycle of cryptographic keys and certificates and does not address the authentication trust or identity federation between two organizations.
Concept tested: Cross-organizational identity federation with Federation Services
Source: https://learn.microsoft.com/en-us/windows-server/identity/active-directory-federation-services
Topics
Community Discussion
No community discussion yet for this question.