Explanation/Reference:
Explanation:
Scenario: Moble app: Users must be able to use their social accounts to sign in to the application. You must support LinkedIn, Facebook and Google Logons.
Azure Active Directory B2C supports Facebook, Microsoft Accounts, Google+, LinkedIn, and many others, or you can add your own.
References: https://azure.microsoft.com/en-us/services/active-directory-b2c/ Testlet 1 Background Trey Research is the global leader in analytical data collection and research. Trey Research houses its servers in a highly secure server environment. The company has continuous monitoring, surveillance, and support to prevent unauthorized access data security.
The company uses advanced security measures including firewalls, security guards, and surveillance to ensure the continued service and protection of data from natural disaster, intruders, and disruptive events.
Trey Research has recently expanded its operations into the cloud using Microsoft Azure, The Company creates an Azure virtual network and a Virtual Machine (VM) for moving on-premises Subversion repositories to the cloud. Employees access Trey Research applications hosted on- premises and in the cloud by using credentials stored on-premises.
Applications
Trey Research host two mobile apps on Azure, DataViewer and DataManager. The company uses Azure- hosted web apps for internal and external users. Federated partners of the Trey Research have a single sign-on (SSO) experience with the DataViewer application.
Architecture
You have an Azure Virtual Network (VNET) named TREYRESEARCH_VNET. The VNET includes all hosted VMs. The virtual network includes a subnet named Frontend and a subnet named RepoBackend. A resource group has been created to contain the TREYRESEARCH_VNET, DataManager and DataViewer.
You manage VMs using System Center VM Manager (SCVMM). Data for specific high security projects and clients are hosted on- premises. Data for the other projects and clients are hosted in the cloud.
Azure Administration

Data Manager
The DataManager app connects to a RESTful service. It allows users to retrieve, update, and delete Trey Research data.
Disaster Recovery
You have the following general requirements:
Azure deployment tasks must be automated by using Azure Resource Manager (ARM) Azure tasks

must be automated by using Azure PowerShell.
Disaster recovery and business continuity plans must use single, integrated service that support the

following features:
- All VMs must be backed up to the Azure.
- All on-premises data must be backed up off-site and available for recovery in the event of a disaster.
- Disaster testing must be performed to ensure that recovery times meet management guidelines.
- Fail-over testing must not impact production.
Security
You identify the following security requirements:

You host multiple subversion (SVN) repositories in the RepoBackend subnet. The SVN servers on this

subnet must use inbound and outbound TCP at port 8443.
Any configuration changes to account synchronization must be tested without disrupting the services.

High availability is required for account synchronization services.

Employees must never have to revert to old passwords.

Usernames and passwords must not be passed in plain text.

Any identity solution must support Kerberos authentication protocol. You must use Security Assertion

Markup Language (SAML) claims to authenticate to on premise data resources. You must implement an on- premises password policy.
User must be able to reset their passwords in the cloud.

Subversion Server Sheet