CISSP
1: Security and Risk Management
2: Asset Security
3: Security Architecture and Engineering
4: Communication and Network Security
5: Identity and Access Management
6: Security Assessment and Testing
7: Security Operations
8: Software Development Security
Domain 5: Identity and Access Management
#1 Q: Do directory services assign namespaces to each object in databases that are based on the X.509 standard and are accessed by LDAP?
A:
Negative. Most enterprises have some type of directory that contains information pertainingto the company’s network resources and users. Most directories follow a hierarchicaldatabase format, based on the X.500 standard (not X.509), and a type of protocol, as in Lightweight Directory Access Protocol (LDAP), that allows subjects andapplications to interact with the directory. Applications can request informationabout a particular user by making an LDAP request to the directory, and users canrequest information about a specific resource by using a similar request. A directoryservice assigns
distinguished names (DNs)
to each object in databases based on the X.500 standard that are accessed by LDAP. Each
distinguished name
represents a collection of attributes about a specific object and is stored in the directory as an entry. Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: Q: A: