ExpertAZ-305 · Question 12 · Domain 1.2: Authentication and Authorization
A financial institution is designing a hybrid identity solution. They use on-premises Active Directory and want to synchronize identities to Microsoft Entra ID.
Security policies strictly prohibit any form of user password hashes from being synchronized to or stored in the cloud. However, users must be able to sign in to Microsoft 365 and Azure using their on-premises Active Directory credentials. The solution must provide high availability for authentication even if a single on-premises server fails.
Which authentication method should you recommend?
A financial institution is designing a hybrid identity solution. They use on-premises Active Directory and want to synchronize identities to Microsoft Entra ID.
Security policies strictly prohibit any form of user password hashes from being synchronized to or stored in the cloud. However, users must be able to sign in to Microsoft 365 and Azure using their on-premises Active Directory credentials. The solution must provide high availability for authentication even if a single on-premises server fails.
Which authentication method should you recommend?
Answer options:
Password Hash Synchronization (PHS)
Pass-through Authentication (PTA) with multiple Authentication Agents
Active Directory Federation Services (AD FS) with a single server
Azure AD Domain Services
How to approach this question
Full Answer
Common mistakes
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 4
55 questions · hints · full answers · grading