Identity with Windows Server 2016 — Question 20

You are deploying a web application named WebApp1 to your internal network. WebApp1 is hosted on a server named Web1 that runs Windows Server 2016.
You deploy an Active Directory Federation Services (AD FS) infrastructure and a Web Application Proxy to provide access to WebApp1 for remote users.
You need to ensure that Web1 can authenticate the remote users.
What should you do?

Answer options

• A. Publish WebApp1 by using AD FS preauthentication.
• B. Publish WebApp1 as a Remote Desktop Gateway (RD Gateway) application in the Web Application Proxy.
• C. Publish WebApp1 by using pass-through preauthentication.
• D. Publish WebApp1 by using client certificate preauthentication.

Correct answer: C

Explanation

The correct answer is C, as pass-through preauthentication allows Web1 to authenticate users directly against the Active Directory without requiring additional credentials, making it suitable for remote access. Option A is incorrect because AD FS preauthentication is not necessary in this scenario. Option B is wrong since publishing as an RD Gateway does not apply to web applications. Option D is not suitable because client certificate preauthentication requires each user to have a certificate, which is not mentioned in the requirements.