the correct answer for question 19 should be b... kerberos is primarily authentication. ldap is commonly used to authenticate users, even though it is not itself an authentication protocol. tls and ssl both offer password as well as client-side certificate authentication as part of the channel creation. oauth on the other hand it authorization only, and the protocol does not specify anything related to authentication. from the oauth website... "OAuth 2.0 was intentionally designed to provide authorization without providing user identity and authentication, as those problems have very different security considerations that don’t necessarily overlap with those of an authorization protocol. "
Hello @JasonSmith-se1jg, SSL/TLS is used to secure the connection rather than to authenticate users. The other 3 options are commonly used authentication protocols. OAuth is an open standard protocol that allows third-party services to exchange tokens for granting access without exposing user credentials, thus authenticating and authorizing users.
the correct answer for question 19 should be b... kerberos is primarily authentication. ldap is commonly used to authenticate users, even though it is not itself an authentication protocol. tls and ssl both offer password as well as client-side certificate authentication as part of the channel creation.
oauth on the other hand it authorization only, and the protocol does not specify anything related to authentication. from the oauth website... "OAuth 2.0 was intentionally designed to provide authorization without providing user identity and authentication, as those problems have very different security considerations that don’t necessarily overlap with those of an authorization protocol. "
Hello @JasonSmith-se1jg, SSL/TLS is used to secure the connection rather than to authenticate users. The other 3 options are commonly used authentication protocols. OAuth is an open standard protocol that allows third-party services to exchange tokens for granting access without exposing user credentials, thus authenticating and authorizing users.