Select two correct statements about the authentication services available in Oracle Solaris 11.

Select two correct statements about the authentication services available in Oracle Solaris 11.

Select two correct statements about the authentication services available in Oracle Solaris 11.

A.
Pluggable Authentication Modules (PAM) is used to control the operation of services such
console logins and ftp.

B.
The Secure Shell can be configured to allow logins across a network to remote servers without
transmitting passwords across the network.

C.
Secure Remote Procedure Calls (Secure RPC) provides a mechanism to encrypt data on any
IP Socket connection.

D.
Pluggable Authentication Modules (PAM) is used to implement the Secure Shell in Oracle
Solaris 11.

E.
Simple Authentication and Security Layer (SASL) provides a mechanism to authenticate and
encrypt access to local file system data.

Explanation:
A: Pluggable Authentication Modules (PAM) are an integral part of the
authentication mechanism for the Solaris. PAM provides system administrators with the ability and
flexibility to choose any authentication service available on a system to perform end-user
authentication.
By using PAM, applications can perform authentication regardless of what authentication method
is defined by the system administrator for the given client.
PAM enables system administrators to deploy the appropriate authentication mechanism for each
service throughout the network. System administrators can also select one or multiple
authentication technologies without modifying applications or utilities. PAM insulates application

developers from evolutionary improvements to authentication technologies, while at the same time
allowing deployed applications to use those improvements.
PAM employs run-time pluggable modules to provide authentication for system entry services.
E: The Simple Authentication and Security Layer (SASL) is a method for
adding authentication support to connection-based protocols.
Simple Authentication and Security Layer (SASL) is a framework for authentication and data
security in Internet protocols. It decouples authentication mechanisms from application protocols,
in theory allowing any authentication mechanism supported by SASL to be used in any application
protocol that uses SASL. Authentication mechanisms can also support proxy authorization, a
facility allowing one user to assume the identity of another. They can also provide a data security
layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of
mechanisms which can provide a data-security layer. Application protocols that support SASL
typically also support Transport Layer Security (TLS) to complement the services offered by SASL.
Reference: softpanorama.org, Solaris PAM

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

three × 3 =

Qiqe

Qiqe

Answers:
A.
The Pluggable Authentication Module (PAM) framework lets you “plug in” new authentication services without changing system services, such as login, su, and ssh. You can also use PAM to integrate UNIX login with other security mechanisms such as Kerberos.
https://docs.oracle.com/cd/E26502_01/html/E29015/pam-2.html#scrolltoc

E.
SASL provides developers of applications and shared libraries with mechanisms for authentication, data integrity-checking, and encryption. SASL enables the developer to code to a generic API. This approach avoids dependencies on specific mechanisms.
http://docs.oracle.com/cd/E23824_01/html/819-2145/sasl.intro.20.html

Reply