Which of the following meets these requirements?

RC0-C02 0 Comments

A small company is developing a new Internet-facing web application. The security requirements are:

Users of the web application must be uniquely identified and authenticated.

Users of the web application will not be added to the company’s directory services.

Passwords must not be stored in the code.

Which of the following meets these requirements?
A . Use Open ID and allow a third party to authenticate users.
B . Use TLS with a shared client certificate for all users.
C . Use SAML with federated directory services.
D . Use Kerberos and browsers that support SAM

Answer: A

Explanation:

Users create accounts by selecting an OpenlD identity provider, and then use those accounts to sign onto any website which accepts Open ID authentication.

OpenlD is an open standard and decentralized protocol by the non-profit OpenlD Foundation that allows users to be authenticated by certain co-operating sites (known as Relying Parties or RP) using a third party service. This eliminates the need for webmasters to provide their own ad hoc systems and allowing users to consolidate their digital identities. In other words, users can log into multiple unrelated websites without having to register with their information over and over again.

Several large organizations either issue or accept OpenlDs on their websites according to the OpenlD Foundation: AOL, Blogger, Flickr, France Telecom, Google, Hyves, LiveJournal, Microsoft (provider name Microsoft account), Mixi, Myspace, Novell, Orange, Sears, Sun, Telecom Italia, Universal Music Group, VeriSign, WordPress, and Yahoo!. Other providers include BBC, IBM, PayPal, and Steam.

Incorrect Answers:

B: The question states that users of the web application must be uniquely identified and authenticated. A shared client certificate for all users does not meet this requirement.

C: The question states that users of the web application will not be added to the company’s directory services. SAML with federated directory services would require that the users are added to the directory services.

D: The question states that users of the web application must be uniquely identified and authenticated. Kerberos and browsers that support SAML provides no authentication mechanism.

References:

https://en.wikipedia.org/wiki/Openl D

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments