4.9.5 NSF PQs
A company wants to set up single sign-on (SSO) without passing credentials through to each piece of software and cloud service. Which protocol would meet this requirement?
OAuth
What is mutual authentication?
A process by which each party in an online communication verifies the identity of the other party.
A manufacturing company recently bought out another similar company. They need to link each company's directory systems together to access their resources without merging the two. How can they link the two directory systems together?
Federation
In a company, different departments actively access various cloud-based applications and services to perform their tasks efficiently. The company's security team has concerns about the growing complexity and risks of managing user credentials across multiple platforms. To address this concern proactively, the team implements a modern authentication solution that actively provides single sign-on (SSO) capabilities, ensuring enhanced user convenience and security. In this scenario, which technology should the organization proactively employ for federation and enabling SSO capabilities effectively across the diverse range of cloud-based applications?
Open Authorization (OAuth)
Which of the following are the access levels that are generally granted on the directory in LDAP? (Select two.)
Read-only access Read/write access
A real estate investment firm wants to implement single sign-on (SSO) for its dozens of services and software. The firm found a vendor to implement that request using the eXtensible Markup Language (XML) standard. What solution does this vendor use for SSO?
SAML
The IT administrator for a large university uses an LDAP directory service to manage user access to various computing resources. To ensure the directory's security, which of the following measures should the administrator implement? answer Allow anonymous access to the directory for easy user onboarding.
Set up LDAP Secure (LDAPS) with a digital certificate on port 636 for secure user credential exchange.
An educational institution's systems administrator is responsible for securing the LDAP directory service for the organization's computing resources. Which authentication method should the systems administrator implement to ensure secure access?
Simple Authentication and Security Layer (SASL)
In a Kerberos authentication system, how does the Ticket Granting Service (TGS) contribute to the single sign-on (SSO) process?
The TGS issues service tickets to clients for accessing specific services.
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system?
Ticket
