nerdexam
Cisco

350-401 · Question #1098

Which two mechanisms are used with OAuth 2.0 for enhanced validation? (Choose two.)

The correct answer is A. authorization D. authentication. OAuth 2.0 uses both authorization and authentication mechanisms to provide enhanced validation for delegated access to protected resources.

Submitted by rania.sa· Mar 6, 2026

Question

Which two mechanisms are used with OAuth 2.0 for enhanced validation? (Choose two.)

Options

  • Aauthorization
  • Bcustom headers
  • Crequest management
  • Dauthentication
  • Eaccounting

How the community answered

(48 responses)
  • A
    88% (42)
  • B
    6% (3)
  • C
    4% (2)
  • E
    2% (1)

Why each option

OAuth 2.0 uses both authorization and authentication mechanisms to provide enhanced validation for delegated access to protected resources.

AauthorizationCorrect

OAuth 2.0 is primarily an authorization framework, enabling a client application to obtain limited access to a user's protected resources on a resource server without exposing the user's credentials. The authorization process confirms what actions the client is permitted to perform.

Bcustom headers

Custom headers can be used in API calls but are not core mechanisms of OAuth 2.0 itself for enhanced validation, though they might carry tokens or other information.

Crequest management

Request management is a general term referring to how requests are handled, not a specific OAuth 2.0 mechanism for validation.

DauthenticationCorrect

While OAuth 2.0 itself is an authorization protocol, it often relies on underlying authentication of the resource owner (user) to grant consent. OpenID Connect, built on top of OAuth 2.0, explicitly adds an authentication layer, providing enhanced validation by confirming the user's identity.

Eaccounting

Accounting (tracking resource usage) is part of AAA (Authentication, Authorization, Accounting) but is not a direct validation mechanism within the OAuth 2.0 protocol itself.

Concept tested: OAuth 2.0 authorization and authentication

Source: https://www.rfc-editor.org/rfc/rfc6749

Topics

#OAuth 2.0#Authentication#Authorization

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice