SC-300 · Question #123
SC-300 Question #123: Real Exam Question with Answer & Explanation
The correct answer is C: Azure Active Directory Application Proxy. Azure AD Application Proxy Explanation Option C is correct because Azure Active Directory Application Proxy is specifically designed to provide secure remote access to on-premises web applications using Azure AD for authentication - without requiring a VPN or changes to the on-pr
Question
Your organization is a 100% Azure cloud based organization with no on-premise resources. You recently completed an acquisition of another company that is 100% on-premise with no cloud premise. You need to immediately provide your cloud users with access to a few of the acquired companies on-premise web applications. What service can you implement to ensure Azure Active Directory can still be used to authenticate to the on-premise applications?
Options
- AAzure Active Directory Connect
- BAzure Security Center
- CAzure Active Directory Application Proxy
- DAzure Active Directory Domain Services
Explanation
Azure AD Application Proxy Explanation
Option C is correct because Azure Active Directory Application Proxy is specifically designed to provide secure remote access to on-premises web applications using Azure AD for authentication - without requiring a VPN or changes to the on-premises infrastructure. It acts as a bridge, allowing cloud users to authenticate via Azure AD and then securely access on-premises apps through a lightweight connector installed on the acquired company's network.
Why the distractors are wrong:
- A (Azure AD Connect) synchronizes identities between on-premises Active Directory and Azure AD - it's for syncing user accounts, not publishing applications for remote access.
- B (Azure Security Center) is a cloud security posture management tool focused on threat detection and compliance monitoring, not application access or authentication.
- D (Azure AD Domain Services) provides managed domain services (like LDAP and Kerberos) in the cloud, essentially the opposite direction - it doesn't help expose on-premises apps to cloud users.
Memory Tip: Think of Application Proxy as a "reverse VPN for web apps" - instead of bringing users into the network, it publishes the app out to authenticated Azure AD users. If the question mentions cloud users → on-premises web apps, Application Proxy is almost always the answer.
Topics
Community Discussion
No community discussion yet for this question.