Which two options best describe the authorization process as it relates to network access? (Choose two.)
Authorization is the process of granting or denying access to a user, based on their identity and the permissions they possess. In network access, authorization involves allowing or denying access to network resources and services, based on the user's identity, credentials, and the security policies of the organization.
The options that best describe the authorization process as it relates to network access are:
Validating credentials: This involves the process of validating the user's provided credentials, such as username and password, against an identity store, such as Active Directory or LDAP. This ensures that the user is who they claim to be and that they possess the necessary permissions to access the network resources.
Applying enforcement controls: Once the user's identity and permissions have been validated, the next step is to apply enforcement controls to the network access session. This involves assigning the user to a specific VLAN, applying downloadable access control lists (ACLs) or other security policies to restrict or allow access to specific resources or services.
Option A is incorrect as it describes the process of validating the validity of a certificate and specific fields in the certificate against an identity store. Although certificates can be used for authentication purposes, they are not directly related to the authorization process.
Option B is incorrect as it only describes the end result of the authorization process, which is to provide network access to the end user. However, it does not explain the process of how access is granted or denied based on the user's identity and permissions.
Option C is partially correct as it describes the process of applying enforcement controls to the network access session of a user. However, it does not explain the initial step of validating the user's credentials, which is necessary before any enforcement controls can be applied.
Therefore, the correct options that best describe the authorization process as it relates to network access are D (validating the provided credentials) and C (applying enforcement controls).