Which of the following is the best expression for an authentication service to access a directory? (Wentz QOTD)
A. Distinguished Name
B. Common Name
C. Domain Name
D. Alias Name
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is A. Distinguished Name.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.
A directory is the repository of entities. Instances of entities are called objects. X.500 is a standard that provides an overview of concepts, models, and services of a directory based on the ISO OSI model. It introduces the concept of the Distinguished Name as the notation of a directory object. Common names and relative distinguished names are parts of a distinguished name.
LDAP is a lightweight version of X.500 based on TCP/IP; it is commonly implemented to access (connect, add, modify, delete, and retrieve) a directory.
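As an added illustration (not part of the original post), the Python sketch below parses the RFC 4514 string form of a DN into its RDNs and shows, over a constructed three-entry directory, that a common name can match several objects while a DN matches exactly one. The helper names, the sample entries and the case-insensitive comparison are assumptions; quoted values from older DN syntaxes are not handled.

```python
import re

def split_unescaped(text, sep):
    """Split on sep, skipping separators that are backslash-escaped."""
    parts, cur, i = [], "", 0
    while i < len(text):
        step = 2 if text[i] == "\\" and i + 1 < len(text) else 1
        if step == 1 and text[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += text[i:i + step]       # an escape pair stays intact
        i += step
    return parts + [cur]

def unescape(value):
    """Undo RFC 4514 escapes: \\XX hex pairs (ASCII only here) and \\<char>."""
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)",
                  lambda m: chr(int(m[1], 16)) if len(m[1]) == 2 else m[1], value)

def parse_dn(dn):
    """Return a list of RDNs, each a list of (attribute type, value) pairs."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        pairs = []
        for ava in split_unescaped(rdn, "+"):   # "+" joins a multi-valued RDN
            attr, eq, value = ava.partition("=")
            if not eq or not attr.strip():
                raise ValueError(f"malformed RDN component: {ava!r}")
            pairs.append((attr.strip().lower(), unescape(value)))
        rdns.append(pairs)
    return rdns

def normalize(dn):
    # Assumption: values compare case-insensitively (typical for cn, ou, dc).
    return tuple(frozenset((t, v.lower()) for t, v in rdn) for rdn in parse_dn(dn))

# Constructed sample directory: two different objects share one common name.
DIRECTORY = [
    "CN=John Smith,OU=Sales,DC=example,DC=com",
    "CN=John Smith,OU=Engineering,DC=example,DC=com",
    "CN=Smith\\, Jane,OU=Sales,DC=example,DC=com",
]

def find_by_cn(cn):
    return [e for e in DIRECTORY if ("cn", cn.lower()) in normalize(e)[0]]

def find_by_dn(dn):
    return [e for e in DIRECTORY if normalize(e) == normalize(dn)]
```

A lookup by common name returns both "John Smith" entries, which is why an authentication service that must identify one object refers to it by its full DN.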
Domain Names are used to locate and connect to a directory service that manages a directory. Alias names (Amazon Route 53 specific) and canonical names are used for DNS resource records.
The following is an example of a DNS zone file with resource records, excerpted from Wikipedia:
```
$ORIGIN example.com.     ; designates the start of this zone file in the namespace
$TTL 3600                ; default expiration time (in seconds) of all RRs without their own TTL value
example.com.  IN  SOA   ns.example.com. username.example.com. ( 2020091025 7200 3600 1209600 3600 )
example.com.  IN  NS    ns                    ; ns.example.com is a nameserver for example.com
example.com.  IN  NS    ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com.  IN  MX    10 mail.example.com.  ; mail.example.com is the mailserver for example.com
@             IN  MX    20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@             IN  MX    50 mail3              ; equivalent to above line, but using a relative host name
example.com.  IN  A     192.0.2.1             ; IPv4 address for example.com
              IN  AAAA  2001:db8:10::1        ; IPv6 address for example.com
ns            IN  A     192.0.2.2             ; IPv4 address for ns.example.com
              IN  AAAA  2001:db8:10::2        ; IPv6 address for ns.example.com
www           IN  CNAME example.com.          ; www.example.com is an alias for example.com
wwwtest       IN  CNAME www                   ; wwwtest.example.com is another alias for www.example.com
mail          IN  A     192.0.2.3             ; IPv4 address for mail.example.com
mail2         IN  A     192.0.2.4             ; IPv4 address for mail2.example.com
mail3         IN  A     192.0.2.5             ; IPv4 address for mail3.example.com
```