Which two values are compared by the binary comparison function in authentication that is based on Active Directory?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/ISE-ADIntegrationDoc/b_ISE-ADIntegration.htmlThe correct answer is C. user-presented password hash and a hash stored in Active Directory.
When a user attempts to authenticate using Active Directory as the identity store, the user's credentials are compared with the credentials stored in Active Directory. The comparison function used for authentication is based on binary comparison.
Binary comparison is a method of comparing two values bit-by-bit to determine if they are equal. In the case of authentication based on Active Directory, the binary comparison function compares the password hash presented by the user with the password hash stored in Active Directory.
The password hash is a one-way function of the user's password, and is stored in Active Directory as a security measure. When the user enters their password, the authentication process generates a hash of the password and compares it with the hash stored in Active Directory. If the two hashes match, the user is authenticated and granted access.
Option A, user-presented certificate and a certificate stored in Active Directory, is not correct because Active Directory is not used for certificate-based authentication.
Option B, MS-CHAPv2 provided machine credentials and credentials stored in Active Directory, is not correct because MS-CHAPv2 is a protocol used for remote access authentication and is not used in the context of Active Directory authentication.
Option D, subject alternative name and the common name, is not correct because these values are used in certificate-based authentication, not in Active Directory authentication.