|< Day Day Up >|| |
Before taking the exam, review the key topics and terms that are presented in this chapter. You need to know this information.
Understand the authentication protocols supported by Windows Server 2003, the differences between the protocols, and how the authentication process works with each protocol.
Be familiar with every security policy setting related to controlling authentication.
Understand the differences between Web authentication protocols, and know the advantages and disadvantages of each.
Know the user account created by default for IIS anonymous access.
Understand the types of trusts supported by Windows Server 2003, how to configure these trusts, and in what situations each trust type should be used.
Authentication Authentication is the process of verifying the identity of something or someone. Authentication usually involves a user name and a password, but can include any method of demonstrating identity, such as a smart card, a retinal scan, voice recognition, or a fingerprint.
Authorization Authorization is the process of determining whether an identified user or process is permitted access to a resource and determining the appropriate level of access for the user. The owner of a resource, or someone who has been granted permission, determines whether a user is a part of a predetermined group or has a certain level of security clearance. By setting the permissions on a resource, the owner controls which users and groups on the network can access the resource.
Kerberos As the default authentication protocol for Windows 2000 and Windows XP Professional, the Kerberos protocol is designed to be more secure and scalable across large, diverse networks.
NTLM protocol This service uses a challenge-response mechanism to authenticate users and computers running Windows Me and earlier or computers running Windows 2000 and later that are not part of a domain.
Trusts Trusts are the mechanisms that ensure that users who are authenticated in their own domains can access resources in any trusted domain.
|< Day Day Up >|| |