Certs Club
Home
Oracle Microsoft Cisco CompTIA Salesforce Amazon AACE International Acams Anthropic Apple View All Vendors →
Login Register

Microsoft SC-900 - Microsoft Security, Compliance, and Identity Fundamentals Certification Exam

Download Exam View Entire Exam
Page: 1 / 1
Question #1 (Topic: demo questions)

Select the answer that correctly completesthe sentence. 

A.
Answer Area
Sentence Fragment (Start)Drop-Down OptionsSelected AnswerSentence Fragment (End)
Federation is used to establish

• multi-factor authentication (MFA)


• a trust relationship


• user account synchronization


• a VPN connection

a trust relationshipbetween organizatioN
Correct Answer: A
Explanation:
TermConcept DescriptionWhy it is Correct / Incorrect
a trust relationshipCorrect Selection: Federation allows an organization to trust identity assertions (tokens) issued by an external organization's identity provider.This mechanism establishes a formal trust relationship that permits single sign-on (SSO) and safe resource sharing across distinct corporate boundaries without managing external credentials locally.
multi-factor authentication (MFA)Incorrect Selection: MFA is a security verification method requiring multiple forms of identification.While federation policies can pass or request MFA claims, federation itself is not an MFA method.
user account synchronizationIncorrect Selection: This involves copying and updating identity database objects from one directory system to another.Federation specifically avoids account duplication by letting users log in using their home directory credentials directly.
a VPN connectionIncorrect Selection: A Virtual Private Network provides security at the network layer.Federation operates entirely at the identity and application layers rather than establishing hardware or network-level tunnels.
In Microsoft identity and access scenarios, federation is explicitly defined as a mechanism to create trust between autonomous organizations so that identities authenticated in one can be accepted by another. Microsoft describes this as: “Federation is a collection of domains that have established trust.” In a federation, “this trust relationship lets each organization accept the other’s user authentication” and enables access to resources without the need to duplicate user accounts or require separate credentials. Within Azure AD/Microsoft Entra and AD FS guidance, Microsoft further explains that federation enables “claims-based access across security boundaries” and “allows users to access applications in a partner organization using their existing credentials.” These statements underline that the purpose of federation is to establish a trust relationship across identity providers or directories, not to provide multi-factor authentication, synchronize accounts, or build network tunnels. MFA is an authentication strength that can be applied on top of federated sign-in, user accountsynchronization is handled by services like Microsoft Entra Connect (Azure AD Connect), and VPNs provide network connectivity, not identity trust. Therefore, the completion that aligns with Microsoft SCI documentation is that federation establishes a trust relationship between organizations.
Download Exam
Page: 1 / 1
Next Page