CompTIA Security Plus Mock Test Q995

The security manager wants to unify the storage of credential, phone numbers, office numbers, and address information into one system. Which of the following is a system that will support the requirement on its own?

A. LDAP
B. SAML
C. TACACS
D. RADIUS


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
A ‘directory’ contains information about users.
The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and
modify Internet directories.
The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information
services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about
users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical
structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.

Incorrect Answers:
B: Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular,
between an identity provider and a service provider. SAML is not used for the storage of credential, phone numbers, office numbers, and address information into one system.
C: Terminal Access Controller Access-Control System (TACACS) is a client/server-oriented environment, and operates in a manner similar to RADIUS. TACACS is not used for the
storage of credential, phone numbers, office numbers, and address information into one system.
D: Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users
who connect and use a network service. RADIUS is not used for the storage of credential, phone numbers, office numbers, and address information into one system.

References:
https://msdn.microsoft.com/en-us/library/aa367008(v=vs.85).aspx
https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol