nerdexam
(ISC)2

CISSP · Question #715

How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?

The correct answer is B. Access control cannot rely on the Operating System (OS), and eavesdropping. In a distributed file system with mutual authentication, access control must be enforced across multiple nodes and networks, so it cannot rely solely on a single host's OS; instead, it depends on distributed authentication and authorization mechanisms (such as certificates, token

Submitted by valeria.br· Mar 5, 2026Security Architecture and Engineering

Question

How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?

Options

  • AAccess control can rely on the Operating System (OS), but eavesdropping is
  • BAccess control cannot rely on the Operating System (OS), and eavesdropping
  • CAccess control can rely on the Operating System (OS), and eavesdropping is
  • DAccess control cannot rely on the Operating System (OS), and eavesdropping

How the community answered

(25 responses)
  • A
    4% (1)
  • B
    80% (20)
  • C
    4% (1)
  • D
    12% (3)

Explanation

In a distributed file system with mutual authentication, access control must be enforced across multiple nodes and networks, so it cannot rely solely on a single host's OS; instead, it depends on distributed authentication and authorization mechanisms (such as certificates, tokens, or directory services). At the same time, because data travels over the network, eavesdropping is a real risk, so encryption and mutual authentication are used to protect confidentiality and prevent man-in- the-middle attacks. In contrast, in a multi-user host, access control can usually be managed directly by the local OS (file permissions, user groups, etc.), and eavesdropping is less of a concern if the host is physically and logically isolated.

Topics

#distributed file system security#mutual authentication#eavesdropping#network security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice