ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 92 discussion

Actual exam question from Microsoft's MS-102
Question #: 92
Topic #: 1
[All MS-102 Questions]

Your network contains an on-premises Active Directory domain named contoso.com.
For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.
You plan to sync contoso.com to an Azure AD tenant
You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.
What should you include in the recommendation?

  • A. pass-through authentication
  • B. conditional access policies
  • C. password synchronization
  • D. Azure AD Identity Protection policies
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Greatone1 at Aug. 20, 2023, 8:59 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Casticod
Highly Voted 1 year, 8 months ago
Selected Answer: A
This requirement can be achieved only if you have Pass through Authentication configured as a sign in option with Azure AD and with Logon hours setting configured in on-premise AD. Other solution it´s PIM but not valid in that question
upvoted 14 times
...
APK1
Most Recent 8 months, 2 weeks ago
Selected Answer: A
PTA With pass-through authentication, the user’s password is validated against the on-premises Active Directory controller. The password doesn't need to be present in Microsoft Entra ID in any form. This allows for on-premises policies, such as sign-in hour restrictions, to be evaluated during authentication to cloud services.
upvoted 1 times
...
TonyManero
1 year, 6 months ago
PTA is correct: https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/choose-ad-authn#cloud-authentication-pass-through-authentication "For example, access is denied when an on-premises user's account state is disabled, locked out, or their password expires or the logon attempt falls outside the hours when the user is allowed to sign in."
upvoted 2 times
...
Alscoran
1 year, 6 months ago
Selected Answer: A
From: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/plan-connect-user-signin "Pass-through authentication With pass-through authentication, the user’s password is validated against the on-premises Active Directory controller. The password doesn't need to be present in Microsoft Entra ID in any form. This allows for on-premises policies, such as sign-in hour restrictions, to be evaluated during authentication to cloud services."
upvoted 1 times
...
santi32
1 year, 7 months ago
Selected Answer: B
Pass-through authentication (A) simply validates on-premises passwords without enforcing on-premises policies like logon hours. Password synchronization Conditional access policies in Azure AD allow you to set conditions on when and how users can access Azure AD resources. While Azure AD doesn't directly support the "Logon Hours" feature of on-premises Active Directory, you can set up a conditional access policy to block or allow access based on time and other conditions, effectively replicating the restrictions in Azure AD.
upvoted 3 times
Lovell88
1 year, 6 months ago
There is no time condition in CA. This isn't correct. Don't trust this answer.
upvoted 3 times
...
ATHOOS
1 year, 5 months ago
Nonsense response ...
upvoted 2 times
...
Perycles
1 year, 3 months ago
just checked all CA , nothing about Hours restrictions for WIndows Login .... you are talking about "Ressources access" not "Windows login .... " so PTA is definitively the good answer.
upvoted 1 times
...
...
DiligentSam
1 year, 8 months ago
Conditional access policies. From ChatGPT You should recommend using conditional access policies in Azure AD to enforce logon hour restrictions for synced users. Conditional access policies allow you to define access rules based on various conditions, including time of day. By creating a conditional access policy that requires users to sign in during business hours, you can ensure that logon hour restrictions are enforced for synced users in Azure AD.
upvoted 2 times
RJTW070
1 year, 7 months ago
My first thought was conditional access this confirmed this. I also checked this via AI and it is the same.
upvoted 1 times
...
...
Greatone1
1 year, 8 months ago
I was wrong given answer is correct
upvoted 1 times
...
Greatone1
1 year, 8 months ago
I believe answer is b conditional access
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago