Question 1

5)PAM modules cannot be stacked together to support &#34;stacked authentication&#34; where an application can use one or more PAM modules for authentication.

Accepted Answer

PAM modules can be stacked together to support stacked authentication, allowing an application to use multiple PAM modules for authentication.

Question 2

13)The JAAS framework defines the term ____ to represent the requester for a service.&#10;A) resource&#10;B) credential&#10;C) subject&#10;D) principal

Accepted Answer

The JAAS (Java Authentication and Authorization Service) framework uses the term "subject" to represent the requester for a service. A subject may be a person or a service executing on behalf of a person.

Question 3

17)The ____ class is used by SaslServer to determine whether or not one entity can act on behalf of another entity in the SASL environment.&#10;A) ChoiceCallback&#10;B) AuthorizeCallback&#10;C) LanguageCallback&#10;D) RealmCallback

Accepted Answer

The AuthorizeCallback class is used by SaslServer to determine whether or not one entity can act on behalf of another entity in the SASL environment. The other classes listed (ChoiceCallback, LanguageCallback, RealmCallback) are not relevant to this functionality.

Question 4

19)The ____ class retrieves realm information for SaslClient and SaslServer.&#10;A) ChoiceCallback&#10;B) RealmCallback&#10;C) LanguageCallback&#10;D) AuthorizeCallback

Accepted Answer

The RealmCallback class retrieves realm information for SaslClient and SaslServer. ChoiceCallback is used for presenting a list of options to the user and getting their choice, LanguageCallback is used for getting the preferred language of the user, and AuthorizeCallback is used for obtaining authorization information from the client or server.

Question 5

2)A good authentication technology should be platform and system dependent.

Accepted Answer

A good authentication technology should not be platform or system dependent. Its effectiveness should not be affected by the type of platform or system used. It should be able to provide secure authentication across different platforms and systems.

Question 6

18)The ___ class retrieves the locale used for localizing text.&#10;A) ChoiceCallback&#10;B) AuthorizeCallback&#10;C) LanguageCallback&#10;D) RealmCallback

Accepted Answer

The LanguageCallback class is used to retrieve the locale used for localizing text. ChoiceCallback, AuthorizeCallback, and RealmCallback are all unrelated to localization.

Question 7

7)____ authentication is usually used with lightweight directory access protocol (LDAP) and Web authentication that transmits credentials across the network as an MD5 hash or message digest.&#10;A) Passport&#10;B) Digest&#10;C) Kerberos&#10;D) NTLM

Accepted Answer

The description provided in the question matches with Digest Authentication, which is designed to prevent eavesdropping and replay attacks. It uses an MD5 hash to authenticate the client's credentials over the network.

Question 8

15)The ____ class represents a Java implementation of the PAM framework.&#10;A) CallbackHandler&#10;B) Principal&#10;C) LoginContext&#10;D) Subject

Accepted Answer

The LoginContext class represents a Java implementation of the PAM framework. It provides a way to authenticate and authorize a user based on their login credentials and associated privileges. The CallbackHandler interface is used to handle login callbacks in the authentication process, the Principal interface represents the identity of the user being authenticated, and the Subject class represents the security context associated with a user session.

Question 9

12)With ____, authorization is implemented by allowing the administrator to control which users or groups have the right to perform various administrative functions or to take any action that affects systemwide resources.

A) administrative privileges
B) permissions inheritance
C) user-based authorization
D) discretionary access to securable objects

Accepted Answer

Administrative privileges allow the administrator to control which users or groups have the right to perform various administrative functions, which includes actions that affect systemwide resources. This is different from user-based authorization, which only controls access to specific resources based on individual user permissions. Permissions inheritance and discretionary access to securable objects are related concepts but do not directly address the issue of controlling administrative privileges.

Question 10

6)To log all user roles and trace who, when, and what actions an entity performs, ____ is usually implemented with authentication and authorization.&#10;A) sniffing&#10;B) surveillance&#10;C) auditing&#10;D) ACL

Accepted Answer

Auditing is the process of recording actions taken by users or entities, which is essential for identifying and preventing unauthorized activities. It allows a system administrator to determine what actions users have taken in the system and who conducted them. Sniffing is a form of network eavesdropping that enables an attacker to listen to network traffic in real-time. Surveillance involves monitoring systems to detect and prevent security breaches. ACL (Access Control List) is a set of rules that specify what actions a user can take on a specific resource. While ACL is related to authorization, it does not provide a complete solution for logging user roles and actions.

Question 11

9)The idea of ____ is that all security contexts are linked to a user instead of an application.&#10;A) discretionary access to securable objects&#10;B) permissions inheritance&#10;C) administrative privileges&#10;D) user-based authorization

Accepted Answer

The answer of 9)The idea of ____ is that all...

Question 12

8)____ authentication is an industry standard documented under RFC 1510 that is used with either a password or a smart card for interactive log on.&#10;A) Kerberos&#10;B) NTLM&#10;C) LDAP&#10;D) Digest

Accepted Answer

The answer of 8)____ authentication is an industry standard documented...

Question 13

3)Java 2 provides access controls based on where the code originated from and who signed the code.

Accepted Answer

The answer of 3)Java 2 provides access controls based on...

Question 14

16)To support stacked authentication, each PAM module, using the LoginModule interface, supports the notion of two-phase authentication using the login() and ____ method.&#10;A) commit()&#10;B) logout()&#10;C) submit()&#10;D) reset()

Accepted Answer

The answer of 16)To support stacked authentication, each PAM module,...

Question 15

10)With ____, authorization is implemented when you control permissions for new objects created in a container object by setting inheritable permissions on the container.&#10;A) user-based authorization&#10;B) permissions inheritance&#10;C) discretionary access to securable objects&#10;D) administrative privileges

Accepted Answer

The answer of 10)With ____, authorization is implemented when you...

Question 16

14)Regarding JAAS, the term ____ is used to represent a name associated with a subject.&#10;A) Subject&#10;B) Resource&#10;C) Credential&#10;D) Principal

Accepted Answer

The answer of 14)Regarding JAAS, the term ____ is used...

Question 17

Without authentication, it is impossible to assure who an entity is and whether or not to authorize any action at all.

Accepted Answer

The answer of Without authentication, it is impossible to assure...

Question 18

4)The Java security architecture itself has the ability to enforce authentication, or determining who runs the code, and authorization or determining what actions can be performed.

Accepted Answer

The answer of 4)The Java security architecture itself has the...

Question 19

20)The ____ PAM module prompts for a username and password. It then verifies the password against the password stored in a directory service configured using Java naming and directory interface (JNDI).

A) JndiLoginModule
B) KeyStoreLoginModule
C) SolarisLoginModule
D) UnixLoginModule

Accepted Answer

The answer of 20)The ____ PAM module prompts for a...

Question 20

11)____ enables authorization to be self-managed as an object owner can set permissions on all objects she or he created.&#10;A) User-based authorization&#10;B) Permissions inheritance&#10;C) Administrative privileges&#10;D) Discretionary access to securable objects

Accepted Answer

The answer of 11)____ enables authorization to be self-managed as...

Question 21

33)Compare one-factor and multiple-factor authentication.

Accepted Answer

The answer of 33)Compare one-factor and multiple-factor authentication....

Question 22

38)Briefly describe the Refreshable interface.

Accepted Answer

The answer of 38)Briefly describe the Refreshable interface....

Question 23

40)What are the general steps performed when authenticating a Subject in JAAS?

Accepted Answer

The answer of 40)What are the general steps performed when...

Question 24

31)A Subject can also own security-related attributes. These attributes are called ____________________ in JAAS.

Accepted Answer

The answer of 31)A Subject can also own security-related attributes....

Question 25

37)What are some of the benefits of using pluggable authentication modules?

Accepted Answer

The answer of 37)What are some of the benefits of...

Question 26

34)Does a &#34;good&#34; authentication technology that is platform/system independent and provides SSO exist today? Explain your answer.

Accepted Answer

The answer of 34)Does a &#34;good&#34; authentication technology that is...

Question 27

22)The ____ PAM module retrieves and makes available Solaris UID/GID/groups information for the current user.&#10;A) NTLoginModule&#10;B) SolarisSystem&#10;C) UnixLoginModule&#10;D) KeyStoreLoginModule

Accepted Answer

The answer of 22)The ____ PAM module retrieves and makes...

Question 28

24)The Java platform implements the concept of ____ to support thread execution across multiple modules with different context characteristics.&#10;A) least privilege&#10;B) least-common-denominator&#10;C) private credentials&#10;D) privilege credentials

Accepted Answer

The answer of 24)The Java platform implements the concept of...

Question 29

39)Briefly describe the Destroyable interface.

Accepted Answer

The answer of 39)Briefly describe the Destroyable interface....

Question 30

21)The ____ PAM module provides a JAAS login module that prompts for a keystore alias and populates the subject with the alias's principal and credentials.&#10;A) NTLoginModule&#10;B) SolarisLoginModule&#10;C) UnixLoginModule&#10;D) KeyStoreLoginModule

Accepted Answer

The answer of 21)The ____ PAM module provides a JAAS...

Question 31

27)____________________ is the assurance that an entity is who it claims to be.

Accepted Answer

The answer of 27)____________________ is the assurance that an entity...

Question 32

28)____________________ is concerned with what an identity is allowed to do.

Accepted Answer

The answer of 28)____________________ is concerned with what an identity...

Question 33

36)What are the main goals of JAAS?

Accepted Answer

The answer of 36)What are the main goals of JAAS?...

Question 34

41)What are some of the levels that can be set to specify the impact of the success or failure of a given log-in procedure on the overall JAAS authentication procedure?

Accepted Answer

The answer of 41)What are some of the levels that...

Question 35

30)Authentication in JAAS is performed in a pluggable and stackable fashion. It is based on a concept called the ___________________ framework.

Accepted Answer

The answer of 30)Authentication in JAAS is performed in a...

Question 36

26)In Java, a(n) ____ is used to make system resource access decisions based on the context it encapsulates.&#10;A) AccessController&#10;B) ACLController&#10;C) AccessPolicyContext&#10;D) AccessControlContext

Accepted Answer

The answer of 26)In Java, a(n) ____ is used to...

Question 37

23)The ____ PAM module retrieves and makes available Unix UID/GID/groups information for the current user.&#10;A) UnixLoginModule&#10;B) SolarisSystem&#10;C) SolarisLoginModule&#10;D) UnixSystem

Accepted Answer

The answer of 23)The ____ PAM module retrieves and makes...

Question 38

29)____________________ is a list attached to an object in a system. It consists of control expressions, each of which grants or denies some ability to a particular user or group of users.

Accepted Answer

The answer of 29)____________________ is a list attached to an...

Question 39

35)Briefly describe authorization.

Accepted Answer

The answer of 35)Briefly describe authorization....

Question 40

25)In Java, the ____ class does this comparison. It programmatically checks permissions and obtains the current Subject associated with the active access control context as well.&#10;A) AccessPolicy&#10;B) ACLController&#10;C) AccessController&#10;D) AccessControlContext

Accepted Answer

The answer of 25)In Java, the ____ class does this...

Question 41

Match between columns&#10;                        Premises: a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;a traditional authentication method for Windows operating systems using a simple challenge response protocol&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;protocol that picks one of the available authentication methods for a system&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;the core authentication class in JAAS&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;a framework for authentication and authorization in Internet protocols&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;divides authentication into the authentication interface library, and the actual authentication mechanism-specific modules&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a place where a number of services are being offered&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;a feature that enables users to access resources over the network without having to repeatedly supply their credentials&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;retrieves and makes available NT security information for the current user&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area&#10;allows fine-grained control over the mapping between access control and tasks performed in the deployment area

Accepted Answer

The Answer of Role-based authorization and Single sign-on and NTSystem is...

Question 42

42)Briefly describe the java.security.policy class.

Accepted Answer

The answer of 42)Briefly describe the java.security.policy class....

Deck 7: Authentication and Authorization With Java