LDAP Statements: True Facts About LDAP | CCIE Security Exam 400-251

True Facts About LDAP



Which three statements about LDAP are true? (Choose three.)





It's a perfect answer.

LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and managing distributed directory information services over an IP network. Here are the explanations for the three true statements:

A. LDAP uses UDP port 389 by default. LDAP uses port 389 as its default port for unsecured communication. However, it can also use TCP port 636 for secure communication using SSL/TLS.

B. LDAP is defined in terms of ASN.1 and transmitted using BER. LDAP is defined using ASN.1 (Abstract Syntax Notation One), which is a notation language used to describe data structures and protocol messages. LDAP messages are transmitted using the Basic Encoding Rules (BER), which is a method for encoding ASN.1 data types into a binary format.

C. LDAP is used for accessing X.500 directory services. LDAP was initially created as a lightweight version of the X.500 directory service protocol. LDAP is a simpler and more flexible alternative to X.500 that provides directory services for various applications and network services.

D. An LDAP directory entry is uniquely identified by its DN. In LDAP, each entry in the directory tree has a unique Distinguished Name (DN), which is a sequence of attribute-value pairs that uniquely identify the entry. The DN is composed of a series of Relative Distinguished Names (RDNs), each of which specifies an attribute and value pair that identifies the entry within its parent container.

E. A secure connection via TLS is established via the UseTLS operation. To establish a secure connection using SSL/TLS in LDAP, the client initiates a StartTLS operation, which requests the server to switch to an encrypted connection. The server then responds with a StartTLS response, indicating that it is ready to negotiate a secure connection. If successful, the client and server establish an encrypted connection and can securely transmit LDAP messages. However, the statement that a secure connection is established via the UseTLS operation is incorrect, as there is no such operation in LDAP.
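To make the ASN.1/BER point in B and the StartTLS exchange in E concrete, the following added example (not part of the original page) BER-encodes and decodes two LDAPMessage PDUs: a StartTLS extended request and a simple bind. The function names, the sample DN and the placeholder password are assumptions made for illustration; the tag values and the StartTLS OID are those defined in RFC 4511.

```python
# Added example: minimal BER (definite-length) reader for LDAPMessage PDUs.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # requestName of the StartTLS extended operation

def encode_tlv(tag, value):
    """BER-encode one tag-length-value; lengths >= 128 use the long form."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    octets = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(octets)]) + octets + value

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the TLV that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def classify(message):
    """Return (messageID, description) for one BER-encoded LDAPMessage."""
    tag, body, _ = read_tlv(message)
    if tag != 0x30:
        raise ValueError("LDAPMessage must be a SEQUENCE")
    id_tag, msg_id, pos = read_tlv(body)
    if id_tag != 0x02:
        raise ValueError("messageID must be an INTEGER")
    op_tag, op, _ = read_tlv(body, pos)
    mid = int.from_bytes(msg_id, "big")
    if op_tag == 0x77:  # [APPLICATION 23] ExtendedRequest
        name_tag, name, _ = read_tlv(op)
        is_starttls = name_tag == 0x80 and name == STARTTLS_OID
        return mid, "StartTLS request" if is_starttls else "other ExtendedRequest"
    if op_tag == 0x60:  # [APPLICATION 0] BindRequest: version, name, authentication
        _, _, p = read_tlv(op)
        _, dn, p = read_tlv(op, p)
        auth_tag, _, _ = read_tlv(op, p)
        kind = "simple" if auth_tag == 0x80 else "SASL"
        return mid, f"{kind} BindRequest for {dn.decode()}"
    return mid, f"operation tag 0x{op_tag:02x}"

# Constructed sample messages (not captured traffic).
STARTTLS_MSG = encode_tlv(0x30, encode_tlv(0x02, b"\x01") + encode_tlv(0x77, encode_tlv(0x80, STARTTLS_OID)))
BIND_MSG = encode_tlv(0x30, encode_tlv(0x02, b"\x02") + encode_tlv(0x60,
    encode_tlv(0x02, b"\x03") + encode_tlv(0x04, b"cn=demo,dc=example,dc=com") + encode_tlv(0x80, b"placeholder")))
```

Running `classify` over the first messages of a session shows whether the client asked for StartTLS before sending a simple bind, which is the ordering that keeps the bind password off the wire in cleartext.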