exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 1 question 3 discussion

Actual exam question from Microsoft's AZ-305
Question #: 3
Topic #: 1
[All AZ-305 Questions]

You have an Azure Active Directory (Azure AD) tenant that syncs with an on-premises Active Directory domain.
You have an internal web app named WebApp1 that is hosted on-premises. WebApp1 uses Integrated Windows authentication.
Some users work remotely and do NOT have VPN access to the on-premises network.
You need to provide the remote users with single sign-on (SSO) access to WebApp1.
Which two features should you include in the solution? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  • A. Azure AD Application Proxy
  • B. Azure AD Privileged Identity Management (PIM)
  • C. Conditional Access policies
  • D. Azure Arc
  • E. Azure AD enterprise applications
  • F. Azure Application Gateway
Show Suggested Answer Hide Answer
Suggested Answer: AE 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
trap84
Highly Voted 2 years, 12 months ago
A&E is the correct answer. Azure App proxy for connecting without vpn and Enterprise App for SSO
upvoted 65 times
...
itmaster
Highly Voted 2 months, 2 weeks ago
It's required to download connector under (Application Proxy) and create a new application under (Enterprise Application), however for (Pre Authentication) option, you can choose "Passthrough" or "Azure Active Directory", and both will work, but it's recommended to use "Azure Active Directory" so you can take advantage of using conditional access and MFA. Answer is (A) & (E) as they're both required as part of the solution to work, where as (C) is just an optional feature. Reference: https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-add-on-premises-application
upvoted 29 times
FrancisFerreira
2 years, 8 months ago
You reasoning looks flawless to me. We need to pay attention to the question's wording: "Which two features SHOULD you include in the solution? EACH CORRECT ANSWER PRESENTS PART OF THE SOLUTION." To do (A) you need (E). So they are both PART of the solution. (C) is an extra step that's recommended by MS. (C) is not PART of the solution, given you don't actually need it to fulfill the requirements, therefore it is also not something you SHOULD do.
upvoted 5 times
...
...
SeMo0o0o0o
Most Recent 3 weeks, 2 days ago
Selected Answer: AE
A & E are correct
upvoted 1 times
...
stonwall12
2 months, 2 weeks ago
Correct Answer - A: Azure AD Application Proxy Azure AD Application Proxy provides remote access and single sign-on (SSO) capabilities to on-premises web applications. The internal web app can be published to Azure AD, and users can access the app outside the company network. https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy Correct Answer - E: Azure AD enterprise applications Azure AD enterprise applications are essentially app registrations in Azure AD for cloud-based and on-premises applications. This is where we can manage authentication requirements and assign user access. https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal Just to clarify, the 'Application Proxy' handles the connection to the on-premises network, and the' Enterprise Applications' manages the authentication and authorization for the app.
upvoted 2 times
...
zellck
2 months, 2 weeks ago
Selected Answer: AE
AE is the answer. https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy Azure Active Directory's Application Proxy provides secure remote access to on-premises web applications. After a single sign-on to Azure AD, users can access both cloud and on-premises applications through an external URL or an internal application portal. https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal
upvoted 1 times
...
NotMeAnyWay
2 months, 2 weeks ago
Selected Answer: AE
To provide remote SSO access to an on-premises web app named WebApp1 with Integrated Windows authentication: - Use Azure AD Application Proxy to securely publish on-premises web apps to the internet without the need for a VPN. - Add WebApp1 as an Azure AD enterprise application to enable Azure AD to provide authentication and authorization for the app. - Conditional Access policies, Azure AD PIM, Azure Arc, and Azure Application Gateway are not suitable for this task. - Conditional Access policies allow defining conditions for access to Azure AD-connected apps, but do not provide a solution for remote SSO access to an on-premises web app. - Azure AD PIM is used for managing access to Azure resources, but not for remote SSO access to an on-premises web app. - Azure Arc is a hybrid cloud management solution, and Azure Application Gateway is a web traffic load balancer, neither are relevant to providing remote SSO access to an on-premises web app.
upvoted 6 times
...
eli117
2 months, 2 weeks ago
Selected Answer: AE
A. Azure AD Application Proxy E. Azure AD enterprise applications.
upvoted 1 times
...
sw1000
2 months, 2 weeks ago
Selected Answer: AE
A and E are the correct answers
upvoted 1 times
...
flash007
1 year, 3 months ago
oops its an application proxy and not a gateway sorry for the confusion people
upvoted 2 times
...
flash007
1 year, 3 months ago
as there is an on premisis involved you will need an application gateway to allow access to this app that is hosted on prem
upvoted 2 times
...
ZUMY
1 year, 8 months ago
A & E are correct
upvoted 1 times
...
Skilled_Hawkeye
1 year, 8 months ago
Selected Answer: AE
A & E are right
upvoted 1 times
...
kakcnh2431
1 year, 9 months ago
correct
upvoted 1 times
...
jj22222
1 year, 9 months ago
Selected Answer: AE
AE are right answers
upvoted 1 times
...
OPT_001122
1 year, 10 months ago
A. Azure AD Application Proxy - connection without vpn - onprem scenario E. Azure AD enterprise applications
upvoted 1 times
...
Alessandro365
1 year, 10 months ago
Selected Answer: AE
A & E is the correct answer
upvoted 1 times
...
Bummer_boy
1 year, 10 months ago
Selected Answer: AE
A and E seems to be the correct ones
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...