1)
The names of network resources are mapped to their corresponding network addresses by a directory service. It is a shared information architecture used to locate, manage, administrate, and arrange everyday objects and network resources, such as volumes, folders, printers, groups, devices, phone numbers, and other things. Data can be stored and made accessible to network users and administrators via a directory service, like Active Directory Domain Services (AD DS). Based on the circumstances to recommend directory service implementation for a client, I would say that Directory services offer powerful search features that enable searches on specific entry properties (Sheresh, 2002). The distribution of directory data across numerous servers in a network is made possible by a directory service. A user using a directory service can locate a network resource by supplying a name rather than memorizing its physical address. Some directory systems have access control features that only allow authorized users to access directory information. An organization's directory service is essential for managing the connections amongst users and various IT resources.
I think an organization would continue to use directory services with known security flaws since you can arrange your company's users, computers, and more with the aid of Active Directory. AD is a top target for attackers since it is essential to authenticating users, access, and applications across an enterprise. Your company's whole hierarchy, including which PCs belong on which networks, your profile image, and who has access to the storage room, is organized by your IT administrator using AD (Yeong, 1995). Furthermore, an open, vendor-neutral industry standard application protocol called the Lightweight Directory Access Protocol is used to access and maintain dispersed directory information services over an IP network. A vulnerability known as LDAP injection occurs when queries are built from untrusted data without any prior validation or sanitization. LDAP employs predicates built into questions, which can contain special characters, including quotes and brackets.
References
Sheresh, B., & Sheresh, D. (2002). Understanding directory services. Sams Publishing.
- Yeong, W., Howes, T., & Kille, S. (1995). Lightweight directory access protocol (No. rfc1777). Describe in your own words, what is a directory service (such as Microsoft Active Directory, Novell, e-Directory, etc.).
2)
A database that stores and maintains the user’s information and their resources. An app will check the directory to see if the user is who they say they are and what privileges they can access.
- Under what circumstances would you recommend its implementation for a client?
The relationships between the user and their IT resources are managed. Make sure users are allowed to obtain certain resources.
- Why do you think an organization would continue to use directory services that have known security flaws?
Because the known security flaw is an easy fix. For example, attack paths are a security risk, but it is an easy fix by the access management administrator. The Access management administrator can fix it by changing the default configurations.
- What is LDAP and what are its security vulnerabilities?
LDAP stands for lightweight directory access protocol. LDAP is the lighter version of the Directory access protocol (DAP). The common use of LDAP is to provide a central place for authentication -- meaning it stores usernames and passwords(Gillis, 2019).
LDAP works on both public networks and private intranets and across multiple directory services, making it the most convenient language for accessing, modifying, and authenticating information in any directory(Kost, 2022).
References
Gillis, A. S. (2019, November).LDAP (Lightweight Directory Access Protocol). Retrieved from TechTarget: www.techtarget.com
Kost, E. (2022, May 12).What is LDAP? How it Works, Uses and Security Risks in 2022. Retrieved from UpGuard: www.upguard.com
With regard to MY assignments (IP’s, GP’s, DB’s), consider the source before you include information from Web sites.
Who sponsors the Web site?
Is the information on the site supported by theory and research?
WIKIPEDIA, Yahoo Answers, dictionaries, encyclopedias, or similar websites, may NEVER be used or cited under any circumstances, on any assignment, discussion, or response for this class.
KINDLY JUST ANSWER THIS ORDER FROM THE TUTOR VIEWPOINT... THERE ARE NUMBER 1 AND 2 HERE EACH FOR 125 ONLY THANK YOU