CompTIA Security Plus Mock Test Q923

LDAP and Kerberos are commonly used for which of the following?

A. To perform queries on a directory service
B. To store usernames and passwords for Federated Identity
C. To sign SSL wildcard certificates for subdomains
D. To utilize single sign-on capabilities


Correct Answer: D
Section: Access Control and Identity Management

Explanation:
Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although Kerberos can also be used.

Incorrect Answers:
A: This refers to LDAP only.
B: Federated Identity links a subject’s accounts from several sites, services, or entities in a single account. It does not make use of LDAP and Kerberos.
C: SSL wildcard certificates are public key certificates, which can be used with multiple subdomains of a domain, for securing web sites with HTTPS.

References:
http://en.wikipedia.org/wiki/Single_sign-on
http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
http://en.wikipedia.org/wiki/Federated_identity
http://en.wikipedia.org/wiki/Wildcard_certificate