NetApp Certified Implementation Engineer – SAN, E-Series — Question 19
Your company wants to increase access security in both their NFS and iSCSI environments. Currently iSCSI is not authenticated and NFS relies only on export policies for security.
Which two enhancements do you use to satisfy this new criteria? (Choose two.)
Answer options
- A. Enable Kerberos for NFS exports
- B. Enable Challenge-Handshake Authentication Protocol (CHAP) for iSCSI LUN access
- C. Enable Challenge-Handshake Authentication Protocol (CHAP) NFS exports
- D. Enable Kerberos for iSCSI LUN access
Correct answer: A, B
Explanation
Enabling Kerberos for NFS exports (Option A) enhances the security of NFS by providing strong authentication through tickets. Enabling CHAP for iSCSI LUN access (Option B) adds an authentication layer for iSCSI, ensuring that only authorized users can access the storage. The other options do not provide the necessary enhancements for either NFS or iSCSI security.