Which of the following is a process that determines whether an identity should be granted access to
a specific resource?
A.
Authorization
B.
Authentication
C.
Impersonation
D.
Client-side scripting
Explanation:
Authorization is a process that verifies whether a user has permission to access a Web resource. A
Web server can restrict access to some of its resources to only those clients that log in using a
recognized username and password. To be authorized, a user must first be authenticated.
Answer B is incorrect. Authentication is the act of establishing or confirming something (or
someone) as authentic, i.e., the claims made by or about the subject are true (“authentification” is a
variant of this word).
Answer C is incorrect. Impersonation is a technique that allows the .NET process to act as an
authenticated user or as an arbitrarily specified user. For this purpose, an authenticated token is
passed to a .NET application for authenticating a user, or an unauthenticated token is passed to the
.NET application for not authenticating the user. The .NET application impersonates receive token
only if impersonation is enabled. Impersonation is applied only to those applications where .NET is
used to communicate with a server.
Answer D is incorrect. Client-side scripting is the technology for embedding a scripting language in
the core code, to act as control code.