A particular government’s security policy is to have very strict data encryption and safety settings. This is done by restricting access based on their own CA authority and limiting access to particular users within a department. Which method could be used to restrict access as required?
A. using GRANT … REQUIRE X509 AND REQUIRE ISSUER ‘/ C=…..’ AND REQUIRE SUBJECT‘/ C=…..’
B. using GRANT USAGE, X509, …….ON . TO user@remotehost IDENTIFIED BY ‘secret_password’
C. using GRANT … REQUIRE SSL for a secure connection
D. using GRANT USAGE, SSL, …..ON . TO user@remotehost IDENTIFIED BY‘secret_password’
Answer: A
所有帐户的声明称,要求客户出示有效的X509证书颁发CA’issuer’。如果客户提出了一个有效的证书却有不同的发行人,服务器拒绝连接。使用X509证书总是意味着加密,所以SSL选择在这种情况下是不必要的。
所有帐户的声明称,要求客户出示有效的X509证书包含的主题subject。如果客户提出了一个有效的证书却有不同的主题,服务器拒绝连接。使用X509证书总是意味着加密,所以SSL选择在这种情况下是不必要的。
版权声明:本文为博主原创文章,未经博主允许不得转载。
MYSQL