Week 4 - LDAP

Question 1

What does LDAP stand for?

Answer 1

Lightweight Directory Access Protocol

Question 2

What does LDAP do?

Answer 2

LDAP is used to access information in directory services (like over a network)

Question 3

What are 2 of the most popular services that use LDAP?

Answer 3

1. Active Directory
2. OpenLDAP

Question 4

Besides the add, remove, modify entries operations you can do with LDAP, what else can you do?

Answer 4

the bind operation

Question 5

What is the bind operation?

Answer 5

authenticates clients to the directory server

Question 6

What are the 3 common ways to authenticate? (during the binding operation when using LDAP)

Answer 6

1. Anonymous
2. Simple
3. SASL (Simple Authentication & Security Layer)

Question 7

What does SASL authentication stand for?

Answer 7

Simple Authentication & Security Layer

Question 8

What does SASL authentication require?

Answer 8

the client and directory server to authenticate using some method (like Kerberos, most common)

Question 9

What is Kerberos?

Answer 9

a network authentication protocol that’s used to authenticate user identity, secure the transfer of user credentials, etc

Question 10

Which are the most insecure ways to authenticate? (2)

Answer 10

Anonymous and Simple, anonymous is like a public phone book access-wise
Simple just needs the directory entry name and password usually sent in plain text

Question 11

What is the most secure authentication method?

Answer 11

Simple Authentication & Security Layer (SASL)
requires client -and- directory server to authenticate somehow usually with Kerberos