Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 7: Authentication and Authorization With Java

arrow
Exam 1: Introduction to Security Concepts42 Questionsadd course
Exam 2: Software Engineering and Security42 Questionsadd course
Exam 3: Essential Public Key Infrastructure42 Questionsadd course
Exam 4: Trust and Threat Model42 Questionsadd course
Exam 5: Java Programming Security42 Questionsadd course
Exam 6: Java Api-Level Security Features42 Questionsadd course
Exam 7: Authentication and Authorization With Java42 Questionsadd course
Exam 8: Secure Programming With C and Openssl42 Questionsadd course
Exam 9: Secure Programming With Perl42 Questionsadd course
Exam 10: Identity Management42 Questionsadd course
Exam 11: Security Topics42 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

Compare one-factor and multiple-factor authentication.

Free
(Essay)
4.9/5
(33)
Question 1
Correct Answer:
Verified

Authentication techniques range from a one-factor simple log-on action. This action identifies users based on something that only the user knows such as a password. A multiple-factor authentication may additionally require something that the user has, such as public key certificates, biometrics, and secure hardware tokens.

Match each item with a statement below:
Premises:
Responses:
a traditional authentication method for Windows operating systems using a simple challenge response protocol
PAM
protocol that picks one of the available authentication methods for a system
LoginContext
the core authentication class in JAAS
NTSystem PAM
Correct Answer:
Verified
Premises:
Responses:
a traditional authentication method for Windows operating systems using a simple challenge response protocol
PAM
protocol that picks one of the available authentication methods for a system
LoginContext
the core authentication class in JAAS
NTSystem PAM
a framework for authentication and authorization in Internet protocols
Single sign-on
divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules
SASL
a place where a number of services are being offered
Resource
a feature that enables users to access resources over the network without having to repeatedly supply their credentials
Role-based authorization
retrieves and makes available NT security information for the current user
NTLM authentication
allows fine-grained control over the mapping between access control and tasks performed in the deployment area
Negotiate
Free
(Matching)
4.9/5
(34)
Question 2
Correct Answer:
Verified

Authentication in JAAS is performed in a pluggable and stackable fashion. It is based on a concept called the ___________________ framework.

Free
(Short Answer)
4.7/5
(30)
Question 3
Correct Answer:
Verified

PAM (pluggable authentication module),PAM,pluggable authentication module,pluggable authentication module (PAM)

What are the main goals of JAAS?

(Essay)
4.8/5
(38)
Question 4

____ authentication is usually used with lightweight directory access protocol (LDAP) and Web authentication that transmits credentials across the network as an MD5 hash or message digest.

(Multiple Choice)
4.8/5
(37)
Question 5

What are some of the benefits of using pluggable authentication modules?

(Essay)
4.8/5
(33)
Question 6

The ____ PAM module provides a JAAS login module that prompts for a keystore alias and populates the subject with the alias's principal and credentials.

(Multiple Choice)
4.8/5
(39)
Question 7

What are the general steps performed when authenticating a Subject in JAAS?

(Essay)
4.8/5
(43)
Question 8

Java 2 provides access controls based on where the code originated from and who signed the code.

(True/False)
5.0/5
(32)
Question 9

____________________ is concerned with what an identity is allowed to do.

(Short Answer)
4.9/5
(34)
Question 10

The JAAS framework defines the term ____ to represent the requester for a service.

(Multiple Choice)
4.9/5
(35)
Question 11

A good authentication technology should be platform and system dependent.

(True/False)
4.8/5
(46)
Question 12

With ____, authorization is implemented by allowing the administrator to control which users or groups have the right to perform various administrative functions or to take any action that affects systemwide resources.

(Multiple Choice)
4.7/5
(37)
Question 13

Briefly describe authorization.

(Essay)
4.8/5
(34)
Question 14

Does a "good" authentication technology that is platform/system independent and provides SSO exist today? Explain your answer.

(Essay)
4.8/5
(36)
Question 15

Briefly describe the Refreshable interface.

(Essay)
4.7/5
(34)
Question 16

____________________ is a list attached to an object in a system. It consists of control expressions, each of which grants or denies some ability to a particular user or group of users.

(Short Answer)
4.8/5
(33)
Question 17

The ____ PAM module prompts for a username and password. It then verifies the password against the password stored in a directory service configured using Java naming and directory interface (JNDI).

(Multiple Choice)
4.8/5
(38)
Question 18

____ authentication is an industry standard documented under RFC 1510 that is used with either a password or a smart card for interactive log on.

(Multiple Choice)
4.8/5
(41)
Question 19

The ____ PAM module retrieves and makes available Solaris UID/GID/groups information for the current user.

(Multiple Choice)
4.8/5
(35)
Question 20
Showing 1 - 20 of 42
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)