exam questions

Exam AZ-305 All Questions

View all questions & answers for the AZ-305 exam

Exam AZ-305 topic 1 question 28 discussion

Actual exam question from Microsoft's AZ-305
Question #: 28
Topic #: 1
[All AZ-305 Questions]

You have an application that is used by 6,000 users to validate their vacation requests. The application manages its own credential store.
Users must enter a username and password to access the application. The application does NOT support identity providers.
You plan to upgrade the application to use single sign-on (SSO) authentication by using an Azure Active Directory (Azure AD) application registration.
Which SSO method should you use?

  • A. header-based
  • B. SAML
  • C. password-based
  • D. OpenID Connect
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
ExamTopicsTST
Highly Voted 2 years, 2 months ago
Selected Answer: C
Password based. https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/plan-sso-deployment#single-sign-on-options
upvoted 12 times
...
zellck
Highly Voted 1 year, 9 months ago
Selected Answer: C
C is the answer. https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/plan-sso-deployment#single-sign-on-options Password-based - Choose password-based when the application has an HTML sign-in page. Password-based SSO is also known as password vaulting. Password-based SSO enables you to manage user access and passwords to web applications that don't support identity federation. It's also useful where several users need to share a single account, such as to your organization's social media app accounts. Password-based SSO supports applications that require multiple sign-in fields for applications that require more than just username and password fields to sign in. You can customize the labels of the username and password fields your users see on My Apps when they enter their credentials.
upvoted 9 times
...
Thanveer
Most Recent 4 days, 5 hours ago
Selected Answer: C
Password-based SSO allows you to manage credentials for applications that do not support identity providers. It works by securely storing the username and password in Azure AD and automatically signing in users when they access the application. So, the correct answer is C. password-based.
upvoted 1 times
...
SeMo0o0o0o
3 weeks, 2 days ago
Selected Answer: C
C is correct
upvoted 1 times
...
MeisAdriano
1 month, 1 week ago
Selected Answer: D
AI Answer: Given your scenario, the best SSO method to use would be D. OpenID Connect1 . Here's why the other options are not suitable: A. Header-based: This method is typically used for API authentication rather than user authentication for applications2 3 . B. SAML (Security Assertion Markup Language): While SAML is a valid SSO method, it is more commonly used for enterprise applications and requires more complex setup and management3 . C. Password-based: This is not an SSO method but rather the traditional way of logging in with a username and password, which you're already using and want to move away from. OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol and is well-suited for applications that need to authenticate users via an identity provider like Azure AD2 3 . It allows users to log in with their existing credentials and provides a seamless SSO experience.
upvoted 1 times
...
ValB
3 months ago
Such an confusing question Microsoft! It says that the app doesn't support identity providers, than it taks about upgrading it. But as part of the upgrade, we could make the app support identity providers! In that case, maybe OpenID Connect could also be a valid answer!
upvoted 1 times
...
23169fd
5 months, 2 weeks ago
Selected Answer: C
Password-Based SSO: This method is ideal for applications that do not support identity providers or modern authentication protocols. It enables Azure AD to securely store and manage the application's credentials. Users authenticate with Azure AD, and then Azure AD provides the stored credentials to the application.
upvoted 1 times
...
JazzF
10 months, 4 weeks ago
Passed the exam on 10-Jan-24. This question appeared on the exam
upvoted 6 times
...
totalz
1 year, 10 months ago
Confusing, the article stated with application registration, it will set to use OpenID Connect and OAuth by default. Only Application Proxy is used with password-based!!
upvoted 3 times
...
OPT_001122
1 year, 10 months ago
Thanks to all who have mentioned the exam dates
upvoted 7 times
...
OPT_001122
1 year, 10 months ago
Selected Answer: C
C. password-based
upvoted 2 times
...
janvandermerwer
1 year, 10 months ago
Selected Answer: C
Badly worded question and answers. I'd lean towards password based authentication as being the "most correct" answer. However, in the real world, probably use linked mode or similar.
upvoted 1 times
...
Ghoshy
1 year, 11 months ago
Exam Question 12/28/2022
upvoted 5 times
...
ShaheedM
2 years ago
Selected Answer: C
Answer is C
upvoted 3 times
...
Bobby1977
2 years, 1 month ago
How do we say the application is hosted in on-prem? If so, answer is correct.
upvoted 4 times
r3verse
2 years ago
See flowchart here: https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/plan-sso-deployment#single-sign-on-options . Even if it's cloud based, you will end up at password based
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago