Which combination of the following would satisfy these requirements?

6 thoughts on “Which combination of the following would satisfy these requirements?”

1. It is not clear. Please have a look to bellow link

   https://docs.aws.amazon.com/directoryservice/latest/admin-guide/what_is.html

   I guess about :

   – “same mechanism for accessing its AWS accounts”. Correct answer is : D. Use AD Connector for application authentication.
   – “to launch a public facing application”. Correct answer is: C. Use Amazon Cognito user pools for application authentication.

   So for my correct answer are D & C.

   1

   Reply

   1. Sorry both D & C talk about application authentication so both cant be the solution.

      I guess it is: C & E

      – “same mechanism for accessing its AWS accounts”. Correct answer is :E. Set up federated sign-in to AWS through ADFS and SAML.

      1

      Reply

2. Correct answers are C and E.
   The requirement has 2 important objectives. The company wants on-premise AD to authenticate for both existing on-premise resources and an incoming public-facing application.
   Amazon Cognito user pool with SAML ID provider (ADFS) meets it. Amazon Cognito user pool can integrate with applications easily.
   https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-saml-idp.html
   The combination of option A and B provides only extending on-premise AD to AWS. It does not provide an authentication for applications.
   https://aws.amazon.com/blogs/security/securely-extend-and-access-on-premises-active-directory-domain-controllers-in-aws/
   The combination of option B and D provides an user authentication for AWS management console by on-premise AD.
   https://aws.amazon.com/premiumsupport/knowledge-center/enable-active-directory-console-access/

   Reply

3. C&E
   AA

   2

   Reply

4. B&E

   1

   Reply

5. C, E is correct

   2

   1

   Reply