Generally IIS provides four different kinds of Authentication Methods they are :
If we select this authentication, IIS doesn't perform any authentication so that any one can access the application.
If we select this method, the user who access the application should provide windows username and password to access the application. Although this is sent through a network by transmitting direct text so it it very insecure.
This method is almost equal to Basic method but the difference is the password is hashed before it is transmitted through out a network.
Windows Integrated Method
In this the application uses the Kerberos protocol to validate(Authenticate) the user. This uses a Secret key cryptography which provides strign authentication for Client/Server applications.
Asked In: Many Interviews |