Authentication and Authorization
. Configure authentication and authorization
Cram Saver
1. What is the process used to confirm a user’s identity?
❍ A. Authentication
❍ B. Authorization
❍ C. Auditing
❍ D. Certificate
2. Which local user accounts are automatically created when you install a fresh copy of Windows 7 and are also disabled by default? (Choose all that apply.)
❍ A. Administrator
❍ B. Administrators
❍ C. RemoteIdentity
❍ D. Guest
Answers
1. A is correct. Authentication is the process used to confirm a user’s identity, when he or she accesses a computer system or additional system resources. Answer B is incorrect because authorization occurs after authentication, which allows access to a network resource. Answer C is incorrect because auditing is the recording of activity to be used to track user actions. Answer D is incorrect because a digital certificate is a form of authentication.
2. A and D are correct. The built-in administrator account provides complete access to files, directories, and services. The Guest account is designed for users who need one-time or occasional access. The Administrator and Guest accounts are disabled by default. Answer B is incorrect because Administrators is a group, not an account. Answer C is incorrect because there is no user account called RemoteIdentity.
Authentication is the process used to confirm a user’s identity when he or she accesses a computer system or an additional system resource. The most common authentication method is using a username and password. When working with transactions over the Internet that deal with money, credit cards, or personal information, username/password authentication has an inherent weakness given its susceptibility to passwords that can be stolen, accidentally revealed, or hacked.
Because of this weakness, these transactions usually employ digital certificates to prove the identity of users or companies and also contain an encryption key, which is used to encrypt data sent over the Internet.
Users must be authenticated to verify their identity when accessing files or other network resources over the network. The Windows 7 operating system includes the following authentication methods for network logons:
. Kerberos version 5 protocol: The main logon authentication method used by clients and servers running Microsoft Windows operating systems. It is used to authenticate both user accounts and computer accounts.
. Windows NT LAN Manager (NTLM): Used for backward compatibility with pre-Windows 2000 operating systems and some applications. It is less flexible, efficient, and secure than the Kerberos version 5 protocol.
. Certificate mapping: Typically used in conjunction with smart cards for logon authentication. The certificate stored on a smart card (about the size of a credit card) is linked to a user account for authentication. A smart card reader is used to read the smart card and authenticate the user.
After authentication has established who or what an identity is, authorization comes into play: it allows a system to determine whether an authenticated user can access a resource and how that user can access it.
A right authorizes a user to perform certain actions on a computer, such as logging on to a system interactively/locally to the computer, backing up files and directories, performing a system shutdown, or adding/removing a device driver. Administrators can assign specific rights to individual user accounts or group accounts. Rights are managed with the User Rights policy. For Windows Server 2008, you can find user rights by opening the group policy via the Group Policy Management console, opening Computer Configuration, opening Windows Settings, opening Security Settings, opening Local Policies, and opening User Rights Assignment.
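The same User Rights Assignment settings can be read from the command line instead of the Group Policy console. The following PowerShell script is an added example, not from the book: it exports the local security policy with secedit, parses the [Privilege Rights] section, resolves the SIDs to account names, and shows who holds the four rights the paragraph mentions. The export path and the choice of rights are assumptions; run it from an elevated prompt.

```powershell
# Added example: list local User Rights Assignment by exporting the security
# policy with secedit and resolving the SIDs it contains. Requires elevation.
$exportPath = Join-Path $env:TEMP 'user-rights.inf'   # assumed scratch location
secedit /export /cfg $exportPath /areas USER_RIGHTS | Out-Null

# The export is INI-style; [Privilege Rights] has one line per right, e.g.
#   SeShutdownPrivilege = *S-1-5-32-544,*S-1-5-32-545
$inSection = $false
$rights = @()
foreach ($line in Get-Content $exportPath) {
    if ($line -match '^\[(.+)\]$') {
        $inSection = ($Matches[1] -eq 'Privilege Rights')
        continue
    }
    if (-not $inSection -or $line -notmatch '^(Se\w+)\s*=\s*(.*)$') { continue }
    $right = $Matches[1]
    $holders = foreach ($entry in $Matches[2].Split(',')) {
        $entry = $entry.Trim()
        if ($entry.StartsWith('*')) {
            # A leading * marks a SID; translate it to DOMAIN\Name where possible
            try {
                $sid = New-Object System.Security.Principal.SecurityIdentifier($entry.Substring(1))
                $sid.Translate([System.Security.Principal.NTAccount]).Value
            } catch { $entry }   # orphaned SIDs (deleted accounts) are shown raw
        } else { $entry }
    }
    $rights += New-Object PSObject -Property @{ Right = $right; Holders = ($holders -join ', ') }
}
Remove-Item $exportPath

# The rights named in the chapter: interactive logon, backup, shutdown, driver loading
$ofInterest = @('SeInteractiveLogonRight', 'SeBackupPrivilege',
                'SeShutdownPrivilege', 'SeLoadDriverPrivilege')
$rights | Where-Object { $ofInterest -contains $_.Right } |
    Sort-Object Right | Format-Table Right, Holders -AutoSize
```

Orphaned SIDs in the output are worth a second look during a review: a right still granted to an account that no longer exists is a sign that the policy has not been kept in step with account changes.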
FIGURE 8.1 User rights.
A permission defines the type of access granted to an object or object attribute. The permissions available for an object depend on the type of object. For example, a user has different permissions than a printer, which has different permissions than a file or folder on an NTFS volume. When a user or service tries to access an object, its access is granted or denied by an Object Manager. File and Folder permissions as well as Shared permissions are handled by Windows Explorer.
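To see that the permission set really does depend on the object type, the following PowerShell script (an added example, not from the book) reads the access control list of an NTFS folder and of a registry key with Get-Acl and prints each entry with its rights. Folder entries carry FileSystemRights, registry entries carry RegistryRights. The two paths are assumptions chosen because they exist on a default Windows installation.

```powershell
# Added example: show the ACL of two different object types side by side.
# Paths are assumed defaults; any folder and registry key will do.
function Show-ObjectPermissions {
    param([string]$Path)
    $acl = Get-Acl -Path $Path
    "`n$Path  (owner: $($acl.Owner))"
    foreach ($ace in $acl.Access) {
        # Files and folders expose FileSystemRights, registry keys RegistryRights;
        # pick whichever property this entry actually has
        $rightsProp = if ($ace.PSObject.Properties['FileSystemRights']) {
            'FileSystemRights'
        } else {
            'RegistryRights'
        }
        # Inherited entries come from a parent object; explicit ones were set here
        $origin = if ($ace.IsInherited) { 'inherited' } else { 'explicit' }
        '{0,-6} {1,-40} {2,-10} {3}' -f $ace.AccessControlType,
                                        $ace.IdentityReference,
                                        $origin,
                                        $ace.$rightsProp
    }
}

Show-ObjectPermissions 'C:\Windows\System32\drivers\etc'
Show-ObjectPermissions 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
```

Deny entries are evaluated before Allow entries when access is checked, so when reading the output for a given account, look for a Deny line first; an Allow further down does not override it.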