You are developing an ASP.NET MVC application to be used on the Internet. The environment does not use
Active Directory.
Users must be able to log on to the application to maintain their personal preferences.
You need to use the least amount of development effort to enable users to log on.
What should you do?
A.
Enable Digest authentication.
B.
Enable Windows authentication.
C.
Enable Forms authentication.
D.
Generate server SSL certificates and install them in IIS.
Explanation:
Many Web applications require a way to restrict access to some resources (such as specific pages) so that
those resources are accessible only to authenticated users. The default Web application project template for
ASP.NET MVC provides a controller, data models, and views that you can use to add ASP.NET forms
authentication to your application. The built-in functionality lets users register, log on and off, and change their
password. For many applications, this functionality provides a sufficient level of user authentication.
Incorrect:
Not B: Windows authentication would require an Active Directory.
Windows authentication method works only if the following two conditions exist:
/ You set up your network to use the Kerberos authentication protocol that requires Active Directory.
/ You set up the computers and accounts on your network as trusted for delegation.
https://msdn.microsoft.com/en-us/library/ff398049(VS.98).aspx
A
0
33
I think it should be B. Why? Because M$ says so:
https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/
“You can use Windows authentication when your IIS 7 server runs on a corporate network that is using Microsoft Active Directory service domain identities or other Windows accounts to identify users. Because of this, you can use Windows authentication whether or not your server is a member of an Active Directory domain.”
I just implemented integrated windows authentication with LOCAL USER ACCOUNTS and it works just fine.
Also, that does not require extra development effort. Forms authentication requires development effort. This is another one of those bullshit questions with incorrect answers.
1
0