Your customer uses Active Directory to manage user accounts. You are setting up Hadoop Security for the customers Big Data Appliance. How will you integrate Hadoop and Active Directory?
A.
Set up Kerberos’ Key Distribution Center to be the Active Directory keystore.
B.
Configure Active Directory to use Kerberos’ Key Distribution Center.
C.
Set up a one-way cross-realm trust from the Kerberos realm to the Active Directory realm.
D.
Set up a one-way cross-realm trust from the Active Directory realm to the Kerberos realm.
Suggested Answer:C🗳️
If direct integration with AD is not currently possible, use the following instructions to configure a local MIT KDC to trust your AD server: 1. Run an MIT Kerberos KDC and realm local to the cluster and create all service principals in this realm. 2. Set up one-way cross-realm trust from this realm to the Active Directory realm. Using this method, there is no need to create service principals in Active Directory, but Active Directory principals (users) can be authenticated to Hadoop. Incorrect Answers: B: The complication with Kerberos authentication is that your organization needs to have a Kerberos KDC (Key Distribution Center) server setup already, which will then link to your corporate LDAP or Active Directory service to check user credentials when they request a Kerberos ticket. References: https://www.cloudera.com/documentation/enterprise/5-8-x/topics/cdh_sg_hadoop_security_active_directory_integrate.html#topic_15_1
Currently there are no comments in this discussion, be the first to comment!
This section is not available anymore. Please use the main Exam Page.1z0-449 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Comments