You have a corporate website with annonymous access enabled. Later you configure Azure Multi factor Authentication (MFA) and configure it to enable IIS authentication. A user logs into the web page amd is immidietly presented the web page,with no authentication requests or prompts. You need to ensure that users are prompted for MFA when accessing the web page. what should you do?
A. In the IIS console,on the default website properties,enable basic authentication and disable annonymous authentication.
B. In the MFA console, enable MultiFactorAuthWebServiceSDK
C. In the MFA console, select "Use cookies to cache successful authentication(minutes)"
D. In the IIS Console, on the web page properties, enable basic authentication and disable annonymous authentication.
Answers
In the IIS console, on the web page properties, enable Basic authentication and disable Anonymous authentication
Answer:
The correct answer to the given question is:
A. In the IIS console, on the default website properties, enable basic authentication and disable anonymous authentication.
Explanation:
The Basic Authentication Scheme is a widely used standard method for collecting username and password information. Basic authentication transmits usernames and passwords over the network in an unencrypted form. You can use SSL encryption in conjunction with Basic Authentication to help secure user account information transmitted over the Internet or corporate network.
How to enable Basic Authentication and disable Anonymous Authentication:
The steps are as follows:
- Open IIS Manager, if you are using Windows Server 2012 or Windows Server 2012 R2: In the taskbar task, click Server Manager, click Tools, and then click IIS Manager.
- In the Connections pane, expand the server name, expand Sites, and then click the website, app, or web service for which you want to enable basic authentication.
- Scroll down to the Security section of the home page, and then double-click Authentication.
- In the Authentication pane, select Basic Authentication, and then select Enable in the Actions pane.
- In the authentication panel, select Anonymous authentication, then click Disable in the action panel.
#SPJ2