PrepAway - Latest Free Exam Questions & Answers

What is the best description for what WAM is commonly used for?

Hannah has been assigned the task of installing Web access management (WAM) software. What is the best description for what WAM is commonly used for?

PrepAway - Latest Free Exam Questions & Answers

A.
Control external entities requesting access through X.500 databases

B.
Control external entities requesting access to internal objects

C.
Control internal entities requesting access through X.500 databases

D.
Control internal entities requesting access to external objects

Explanation:
B: Web access management (WAM) software controls what users can access when using a Web browser to interact with Web-based enterprise assets. This type of technology is
continually becoming more robust and experiencing increased deployment. This is because of the increased use of e-commerce, online banking, content providing, Web services, and
more. The basic components and activities in a Web access control management process are as follows:

1. User sends in credentials to Web server.
2. Web server validates user’s credentials.
3. User requests to access a resource (object).
4. Web server verifies with the security policy to determine if the user is allowed to carry out this operation.
5. Web server allows/denies access to the requested resource.

A is incorrect because a directory service should be carrying out access control in the directory of an X.500 databasenot Web access management software. The directory service
manages the entries and data, and enforces the configured security policy by carrying out access control and identity management functions. Examples of directory services include
Active Directory and Novell NetWare Directory Service (NDS). While Web-based access requests may be to objects held within a database, WAM mainly controls communication
between Web browsers and servers. The Web servers should communicate to a backend database, commonly through a directory service.
C is incorrect because a directory service should be carrying out access control for internal entities requesting access to a X.500 databases using the LDAP. This type of database
provides a hierarchical structure for the organization of objects (subjects and resources). The directory service develops unique distinguished names for each object and appends the
corresponding attribute to each object as needed. The directory service enforces a security policy (configured by the administrator) to control how subjects and objects interact. While
Web-based access requests may be to objects held within a database, WAM mainly controls communication between Web browsers and servers. WAM was developed mainly for
external to internal communication, although it can be used for internal-to-internal communication also. Answer B is the best answer out of the four provided.
D is incorrect because WAM software is most commonly used to control external entities requesting access to internal objects; not the other way around, as stated by the answer
option. For example, WAM may be used by a bank to control its customers’ access to backend account data.

One Comment on “What is the best description for what WAM is commonly used for?


Leave a Reply