Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft Exam AZ-800 Topic 9 Question 61 Discussion

Actual exam question for Microsoft's AZ-800 exam
Question #: 61
Topic #: 9
[All AZ-800 Questions]

Your network contains an on-premises Active Directory Domain Services (AD DS) domain. The domain contains a user named User1 and the servers shown in the following table.

User1 is a member of the Protected Users security group.

User1 performs the following actions:

* From Server1, establishes a remote PowerShell session on Server2

* From the PowerShell session on Server2, attempts to access a resource on Backup1

The request to access the resource on 8ackup1 is denied.

You need to ensure that User1 can access the resources on Backup1 by using the PowerShell session on Server2. The solution must follow the principle of least privilege and minimize administrative effort.

What should you configure?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Lili at Nov 15, 2024, 02:33 PM

Limited Time Offer

25%

Off

Get Premium AZ-800 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Anissa
2 months ago
I don't know, but I'm hoping the exam doesn't have any trick questions like 'What is the square root of -1?' or 'How many angels can dance on the head of a pin?'
upvoted 0 times
Moon
22 days ago
D) resource-based Kerberos constrained delegation
upvoted 0 times
...
Veronika
23 days ago
C) PSSessionConfiguration by using RunAs
upvoted 0 times
...
Laticia
27 days ago
B) CredSSP
upvoted 0 times
...
Niesha
1 months ago
A) Kerberos delegation (unconstrained)
upvoted 0 times
...
...
Elli
2 months ago
I'm not sure about that. I think C) PSSessionConfiguration by using RunAs could also work. It minimizes administrative effort.
upvoted 0 times
...
Micah
2 months ago
Option C, using PSSessionConfiguration with RunAs, could work, but it might be more administratively complex than the constrained delegation approach.
upvoted 0 times
Keena
1 months ago
D) resource-based Kerberos constrained delegation
upvoted 0 times
...
Yoko
1 months ago
C) PSSessionConfiguration by using RunAs
upvoted 0 times
...
Filiberto
1 months ago
B) CredSSP
upvoted 0 times
...
Ulysses
2 months ago
A) Kerberos delegation (unconstrained)
upvoted 0 times
...
...
Barney
3 months ago
Unconstrained Kerberos delegation (option A) would be too risky, as it could allow User1 to impersonate other users. CredSSP (option B) doesn't seem to be the best fit here.
upvoted 0 times
Ammie
1 months ago
Let's implement option D to minimize administrative effort and ensure User1 can access the resources on Backup1.
upvoted 0 times
...
Karma
2 months ago
I agree, option D would allow User1 to access the resources on Backup1 while following the principle of least privilege.
upvoted 0 times
...
Hyman
2 months ago
We should go with option D, resource-based Kerberos constrained delegation.
upvoted 0 times
...
...
Hubert
3 months ago
I agree with Shay. It makes sense to use resource-based Kerberos constrained delegation to ensure User1 can access the resources on Backup1.
upvoted 0 times
...
Shay
3 months ago
I think the answer is D) resource-based Kerberos constrained delegation.
upvoted 0 times
...
Nguyet
3 months ago
I think the correct answer is D. Resource-based Kerberos constrained delegation allows User1 to access the resource on Backup1 without granting unnecessary privileges, which aligns with the principle of least privilege.
upvoted 0 times
Pearly
2 months ago
Great, that aligns with the principle of least privilege.
upvoted 0 times
...
Lura
2 months ago
Exactly, it minimizes administrative effort as well.
upvoted 0 times
...
Nikita
2 months ago
That's correct. It allows User1 to access Backup1 without extra privileges.
upvoted 0 times
...
Boris
2 months ago
User1 should configure resource-based Kerberos constrained delegation.
upvoted 0 times
...
...

Save Cancel