Had this question on Transcender practice exam
"Your company has an Active Directory domain named verigon.com. All of your servers run Windows Server 2012 R2. You plan to configure a Web Application Proxy on server named 2012R2-A and publish an application named VerigonApp that will forward all preauthentication requests to a backend server.
You run the following Add-WebApplicationProxyApplication cmdlet:"
Correct answer is
Add-WebApplicationProxyApplication
-Name 'VerigonApp'
-BackendServerUrl http://VerigonApp/app1
-ExternalUrl https://VerigonApp.verigon.com/app1
-ExternalPreauthentication 'PassThrough'
-ExternalCertificateThumbprint '1a2b3c4d5e6f1a2b3c4d5e6f1a2b3c4d5e6f1a2b'
My Question is how do I know if I need -ExternalPreauthentication 'PassThrough' or -ExternalPreauthentication 'ADFS'
Does preauthentication request in the ? tell me "PassThrough" or is it because it will forward the request to a backend server?
If so could a backend server not be a ADFS server or is ADFS usually a front end thing?