A company needs to access the cloud administration console using its corporate identity. Which of the following actions would MOST likely meet the requirements?
A.
Implement SSH key-based authentication.
B.
Implement cloud authentication with local LDAP.
C.
Implement multifactor authentication.
D.
Implement client-based certificate authentication.
B. Implement cloud authentication with local LDAP.
Explanation:
Cloud Authentication with Local LDAP: This approach allows the company to integrate its existing corporate identity management system (using LDAP) with the cloud provider's authentication mechanism. This enables users to log in to the cloud administration console using their corporate credentials, which meets the requirement for accessing the console with the corporate identity.
This approach allows users to use their existing corporate credentials for accessing the cloud console,
simplifying the authentication process and enhancing security.
SSH key-based authentication is typically used for accessing remote servers via SSH (Secure Shell) protocol. While SSH key-based authentication provides secure access to servers, it is not directly applicable to cloud administration consoles, which typically use web-based interfaces rather than SSH connections.
Integrating the cloud administration console with a local LDAP (Lightweight Directory Access Protocol) server allows users to authenticate using their corporate identity credentials stored in the LDAP directory. LDAP integration provides centralized user management and authentication, enabling users to log in to the cloud administration console using their existing corporate usernames and passwords.
While MFA enhances security, it does not directly address the requirement to use the company's corporate identity for accessing the cloud administration console.
Client-based certificate authentication involves issuing digital certificates to users, which they present to authenticate themselves. While client-based certificate authentication provides a secure method of authentication, it doesnt meet the requirement to use a corporate identity.
Third and final comment. Changing my answer to "B". I'm reading too much into the question. It's not about proving a corporate identity, it's simply about accessing the cloud console. The company most likely has domain environment so use LDAP for corporate directory resources.
I'm in need of adding an addendum to my comment. Yes, in addition to LDAP reading and modifying AD information, it can provide authentication via the bind operation. However, I'm still sticking with my answer ("D"), because a corporate identify isn't going to established via a username / password authentication process, it's going to be proven via a certificate issued by a CA (who has verified identity during the certificate issuing process).
I understand "corporate identity" as not user specific, but company-global. This can be provided by a respective certificate, to be imported/trusted at clients, or by trusting a root cert.
This section is not available anymore. Please use the main Exam Page.CV0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ryanzou
Highly Voted 2 years, 10 months agoreto1
10 months, 3 weeks agouzey
Most Recent 11 months, 3 weeks agoTheFivePips
1 year, 2 months agoSunshine_boy38
2 years agoSecPlus2022
2 years, 1 month agoSecPlus2022
2 years, 2 months agoSecPlus2022
2 years, 2 months agomaelo
2 years, 3 months agoironman_86
2 years, 11 months agoachow26
2 years, 11 months ago