Consider the Mysql Enterprise Audit plugin.
Which statement is true when you identify a connection event that has used external
authentication?
A.
The attribute “STATUS” is set to the string EXTERNAL_AUTH.
B.
The attribute “PRIV_USER” contains the username.
C.
The event type that is given in the attribute “NAME” is EXTERNAL_AUTH.
D.
There is no differentiation between native and external authentication events.
E.
External authentication is managed through external auditing logs.
F.
The “PROXY_PRIV” user shows a username if external authentication is used.
Explanation:
B.
I think have no answer.
The attribute “OS_LOGIN” represents the external user.
A is definitely wrong, as STATUS is always an integer.
B is sort of wrong, because PRIV_USER always has the user-name, if authenticated (internally or externally).
C is wrong, as NAME can’t be EXTERNAL… anything.
D — maybe right…
E — could be right — as the external authentication plug-in prbbly has a log.
F — assuming it’s not a TYPO, then “PROXY_PRIV” doesn’t exist, if it’s PRIV_USER, then it’s the same as answer-B, still wrong. Proxy has nothing to do with this anyway.
I’d lean toward D then E.
should be E.
we can see error code 1045 is due to access denied error.
$ perror 1045
MySQL error code 1045 (ER_ACCESS_DENIED_ERROR): Access denied for user ‘%-.48s’@’%-.64s’ (using password: %s)
ignore question for E,not sure why not in the same page.:)
E
https://dev.mysql.com/doc/refman/5.5/en/audit-log-file.html
OS_LOGIN
A string representing the external user (empty if none). The value may differ from USER, for example, if the server authenticates the client using an external authentication method. This attribute appears only if the NAME value is “Connect” or “Change user”.
not sure if the answers are right.
E
B, https://dev.mysql.com/doc/refman/5.6/en/audit-log-file.html PRIV_USER
F because whenever an external authentication is used proxy user concept comes into picture. According to manual:
The PROXY privilege is needed to enable an external user to connect as and have the privileges of another user. To grant this privilege, use the GRANT statement. For example:
D
C