Select two correct statements about the authentication services available in Oracle Solaris 11.
A.
Pluggable Authentication Modules (PAM) is used to control the operation of services such console logins
and ftp.
B.
The Secure Shell can be configured to allow logins across a network to remote servers without transmitting
passwords across the network.
C.
Secure Remote Procedure Calls (Secure RPC) provides a mechanism to encrypt data on any IP Socket
connection.
D.
Pluggable Authentication Modules (PAM) is used to implement the Secure Shell in Oracle Solaris 11.
E.
Simple Authentication and Security Layer (SASL) provides a mechanism to authenticate and encrypt access
to local file system data.
Explanation:
A: Pluggable Authentication Modules (PAM) are an integral part of the authentication mechanism for the
Solaris. PAM provides system administrators with the ability and flexibility to choose any authentication service
available on a system to perform end-user authentication.
By using PAM, applications can perform authentication regardless of what authentication method is defined by
the system administrator for the given client.
PAM enables system administrators to deploy the appropriate authentication mechanism for each service
throughout the network. System administrators can also select one or multiple authentication technologies
without modifying applications or utilities. PAM insulates application developers from evolutionary
improvements to authentication technologies, while at the same time allowing deployed applications to use
those improvements.
PAM employs run-time pluggable modules to provide authentication for system entry services.
E: The Simple Authentication and Security Layer (SASL) is a method for adding authentication support to
connection-based protocols.
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet
protocols. It decouples authentication mechanisms from application protocols, in theory allowing any
authentication mechanism supported by SASL to be used in any application protocol that uses SASL.
Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the
identity of another. They can also provide a data security layer offering data integrity and data confidentialityservices. DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer.
Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement
the services offered by SASL.