You have a Microsoft 365 subscription.
Your company deploys an Active Directory Federation Services (AD FS) solution.
You need to configure the environment to audit AD FS user authentication.
Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A . From all the AD FS servers, run audltpol.exe.
B . From all the domain controllers, run the set-AdminAuditLogConfig cmdlet and specify the CLogiLevel parameter.
C . On a domain controller install Azure AD Connect Health for AD D
E . From the Azure AO Connect server, run the Register-AzureADCConnectHealthSyncAgent cmdlet.
F . On an server, install Azure AD Connect Health for AD F
Answer: D,E
Explanation:
To audit AD FS user authentication, you need to install Azure AD Connect Health for AD FS. The agent should be installed on an AD FS server. After the installation, you need to register the agent by running the Register-AzureADConnectHealthSyncAgent cmdlet.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-agent-install
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-health-adfs
Leave a Reply