Microsoft 365 Identity and Services (legacy) — Question 59

Your company's network contains two Active Directory forests, with two domains configured per forest. All workstations are domain-joined and have Windows 10 installed.
You have created a Microsoft Azure Active Directory (Azure AD) tenant in preparation for configuring Hybrid Azure AD join for the workstations.
You want to make sure that the tenant can be discovered by the workstations.
Which of the following should you create in each forest?

Answer options

• A. A migration endpoint.
• B. A new conditional access policy.
• C. A new trust relationship.
• D. A new service connection point (SCP).

Correct answer: D

Explanation

Creating a new service connection point (SCP) in each forest allows the workstations to locate the Azure AD tenant for Hybrid Azure AD join. The other options, such as migration endpoints and trust relationships, do not directly facilitate the discovery of the Azure AD tenant by the workstations, and a conditional access policy is related to access control rather than discovery.