Which of the following security design patterns provides an alternative by requiring that a user's authentication credentials be verified by the database before providing access to that user's data?

Which of the following security design patterns provides an alternative by requiring that a user’s authentication credentials be verified by the database before providing access to that user’s data?

exams CSSLP CSSLP exam 0 Comments

Which of the following security design patterns provides an alternative by requiring that a user’s authentication credentials be verified by the database before providing access to that user’s data?
A . Secure assertion
B . Authenticated session
C . Password propagation
D . Account lockout

Answer: C

Explanation:

Password propagation provides an alternative by requiring that a user’s authentication credentials be verified by the database before providing access to that user’s data.

ANS: D is incorrect. Account lockout implements a limit on the incorrect password attempts to protect an account from automated password-guessing attacks.

ANS: B is incorrect. Authenticated session allows a user to access more than one access-restricted Web page without re-authenticating every page. It also integrates user authentication into the basic session model.

ANS: A is incorrect. Secure assertion distributes application-specific sanity checks throughout the system.