Download CTS234 ch-9 Test With Complete Solution. and more Exams Advanced Education in PDF only on Docsity!
CTS234 ch-9 Test With
Complete Solution
In a federation trust, the company whose users are accessing resources is referred to as which of the following? a.Account partner b.Claims provider c.Resource partner d.Federated server - ANSWER Account partner
What is the term for an agreed-on set of user attributes that both parties in a federation trust use to determine a user's credentials? a.Token b.Policy c. Claim d.Exclusion - ANSWER claim
What AD FS server role must be installed separately on a perimeter network to provide federation services to clients on untrusted networks?
a.Web Application Proxy b.AD FS web agents c.Online responders d.Federated web SSO with forest trust - ANSWER Web Application Proxy
You have several web applications that you want trusted Internet clients to be able to access with a single sign-on. The Internet clients aren't from a single company; they can be from anywhere on the Internet. Which AD DS design should you use?a.Web SSO b.Federated web SSO c.Federated web SSO with forest trust d.AD FS claims-aware web agents - ANSWER Web SSO
Which of the following role services is the resource partner that hosts the resources accessed by the account partner and validates claims issued by the claims provider? a.Web agent b.AD Certificate Services c.Relying party d.Web Application Proxy - ANSWER Relying Party
b.Choose issuance authorization rules c.Select the data source d.Configure a TPD - ANSWER Select the data source
What should you configure if certain attributes from the claims provider must be mapped to attributes the relying party can accept? a.Acceptance transform rule b.Claims provider trust c.Authentication policies d.AD device registration - ANSWER Acceptance transform rule
What should you configure in AD FS when you want the claims provider to trust the relying party from which claims are made? a.Claims provider trust b.Relying party trust c.Trusted user domains d.Trusted publishing domains - ANSWER Relying party trust
You and another company are engaging in a joint operation to develop a new product. Both companies must access certain web-based applications in this collaborative effort. Communication between the companies must remain
secure, and use of exchanged documents and emails must be tightly controlled. What should you use?
a.AD CS and AD LDS b.AD RMS and AD DS c.AD FS and AD RMS d.AD LDS and AD RMS - ANSWER AD FS and AD RMS
Which of the following is not part of a typical AD RMS installation in a production environment? a.AD RMS database server b.Active Directory domain controller c.Client certificates d.Microsoft Enrollment Service - ANSWER .Microsoft Enrollment Service
You need to delegate AD RMS responsibilities to a junior administrator. You don't want to give the administrator more permissions than required to allow her to view RMS-related logs and reports. What should you do?
a.Add the user to the Server Operators group on the AD RMS server. b.Delegate the AD RMS Template Administrator role. c.Delegate the AD RMS Auditor role.
a.Use license b.Rights account certificate c.Publishing license d.Server licensor certificate - ANSWER Server licensor certificate
Which of the following is created when a client publishes a rights-protected document?
a.Server licensor certificate b.Rights account certificate c.Publishing license d.Use license - ANSWER Publishing license
Which of the following should you configure if you want to exclude certain application versions from accessing a rights-protected document?
a.Exclusion policy b.Revocation policy c.Rights policy template d.Trusted publishing domain - ANSWER Exclusion policy
Which of the following AD FS features should you configure if you want a user to gain access to AD FS-protected resources based on the credentials of the device they are using? a.Microsoft Passport support b.Support for LDAPv c.Enhanced device registration d.Trusted publishing - ANSWER Enhanced device registration
What installation procedure must be followed to allow all the new AD FS features in Windows Server 2016 AD FS to be available when changing a Windows Server 2012 R2 AD FS server to a Windows Server 2016 AD FS server?
a.Upgrade your Windows Server 2012 R2 AD FS server to Windows Server
b. Install a new Windows Server 2016 AD FS server and decommission the old Windows Server 2012 R2 server c.Install the new Windows Server 2016 AD FS server and use a configuration template. d.Create a new GPO in Group Policy Management and link the GPO to the OU that contains the previous computer account. - ANSWER Install a new Windows Server 2016 AD FS server and decommission the old Windows
c.AD FS preauthentication d.AD FS direct preauthentication - ANSWER AD FS preauthentication
When using AD FS preauthentication for Remote Desktop, what type of trust must be used on the AD FS server?
a.Claims provider trust b.Two-way trust c.AD FS trust d.Relying party trust - ANSWER Relying party trust
