CompTIA Security Plus Mock Test Q885

A system administrator is configuring UNIX accounts to authenticate against an external server. The configuration file asks for the following information DC=ServerName and DC=COM. Which of the following authentication services is being used?

A. RADIUS
B. SAML
C. TACACS+
D. LDAP


Correct Answer: D
Section: Access Control and Identity Management

Explanation:
The Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services
over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users,
systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure,
such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.
An entry can look like this when represented in LDAP Data Interchange Format (LDIF) (LDAP itself is a binary protocol):
dn: cn=John Doe,dc=example,dc=com
cn: John Doe
givenName: John
sn: Doe
telephoneNumber: +1 888 555 6789
telephoneNumber: +1 888 555 1232
mail: john@example.com
manager: cn=Barbara Doe,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
“dn” is the distinguished name of the entry; it is neither an attribute nor a part of the entry. “cn=John Doe” is the entry’s RDN (Relative Distinguished Name), and “dc=example,dc=com”
is the DN of the parent entry, where “dc” denotes ‘Domain Component’. The other lines show the attributes in the entry. Attribute names are typically mnemonic strings, like “cn” for
common name, “dc” for domain component, “mail” for e-mail address, and “sn” for surname.

Incorrect Answers:
A: A RADIUS server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. The authentication
method described in this question is not using a RADIUS server.
B: Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular,
between an identity provider and a service provider. The authentication method described in this question is not SAML.
C: Terminal Access Controller Access-Control System (TACACS) refers to a family of related protocols handling remote authentication and related services for networked access
control through a centralized server. The authentication method described in this question is not TACACS+.

References:
http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol#Directory_structure