A user is using an online shopping website to order laptop computers. Which mechanism is used by the shopping site to securely maintain user authentication during shopping?
- IP address
- session ID
- username and password
- one-time password assigned
|
Explanation & Hint: Web applications can create sessions to track users after the first user request. For example, a web application uses a session after the user has authenticated. This allows the application to identify the user on any subsequent requests, apply security access controls, and increase the usability of the application. After an authenticated session has been established, the session ID is temporarily equivalent to the strongest authentication method used by the application, such as usernames and passwords, one-time passwords, and client-based digital certificates. |