Microsoft 365 Identity and Services (legacy) — Question 62
Your network contains an on-premises Active Directory domain named contoso.com.
For all user accounts, the Logon Hours settings are configured to prevent sign-ins outside of business hours.
You plan to sync contoso.com to an Azure Active Directory (Azure AD) tenant.
You need to recommend a solution to ensure that the logon hour restrictions apply when synced users sign in to Azure AD.
What should you include in the recommendation?
Answer options
- A. password synchronization
- B. conditional access policies
- C. pass-through authentication
- D. Azure AD Identity Protection policies
Correct answer: C
Explanation
The correct answer is C, pass-through authentication, as it allows users to log in to Azure AD with their on-premises credentials, maintaining the logon hour restrictions defined in Active Directory. Options A, B, and D do not directly enforce logon hour settings; password synchronization only syncs passwords, conditional access policies manage access based on conditions but do not enforce logon hours, and Azure AD Identity Protection policies focus on risk-based conditional access rather than time restrictions.