Your network contains an Active Directory domain named contoso.com.
All users authenticate by using a third-party authentication solution.
You purchase Microsoft 365 and plan to implement several Microsoft 365 services.
You need to recommend an identity strategy that meets the following requirements:
✑ Provides seamless SSO
✑ Minimizes the number of additional servers required to support the solution
✑ Stores the passwords of all the users in Microsoft Azure Active Directory (Azure AD)
✑ Ensures that all the users authenticate to Microsoft 365 by using their on-premises user account
You are evaluating the implementation of federation.
Which two requirements are met by using federation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
A . minimizes the number of additional servers required to support the solution
B . provides seamless SSO
C . stores the passwords of all the users in Azure AD
D . ensures that all the users authenticate to Microsoft 365 by using their on-premises user account.
Answer: B,D
Explanation:
When you choose this federation as the authentication method, Azure AD hands off the authentication process to a separate trusted authentication system, such as on-premises Active Directory Federation Services (AD FS), to validate the user’s password. AD FS can use on-premise Active Directory as an authentication provider. AD FS can also provide SSO when using Active Directory as an authentication provider.
Reference: https://docs.microsoft.com/en-us/azure/security/azure-ad-choose-authn