Which of the following uses an authentication ticket that is created when a user logs on to a site in
order to track the user throughout the site?
A.
Impersonation
B.
Windows authentication
C.
Forms authentication
D.
Authorization
Explanation:
Forms authentication is an authentication process in which an authentication ticket is created when
a user logs on to a site in order to track the user throughout the site. The
FormsAuthenticationModule class handles the forms authentication processing, which is an HTTP
module that participates in
the regular ASP.NET page-processing cycle.
Answer A is incorrect. Impersonation is a technique that allows the .NET process to act as an
authenticated user or as an arbitrarily specified user. For this purpose, an authenticated token is
passed to a .NET application for authenticating a user, or an unauthenticated token is passed to the
.NET application for not authenticating the user. The .NET application impersonates receive token
only if impersonation is enabled. Impersonation is applied only to those applications where .NET is
used to communicate with a server.
Answer D is incorrect. Authorization determines whether an identity should be granted access to a
specific resource. In ASP.NET, there are two ways to authorize access to a given resource.
Answer B is incorrect. Windows Authentication allows users to authenticate using Active Directory
credentials. It provides the highest level of security because it uses the Kerberos security protocol forauthentication. It is installed in the SQL Server by default, but this can be changed in a customized
installation.