Exam 301b All QuestionsBrowse all questions from this exam
Go to Exam
Question 83

A client is attempting to log in to a web application that requires authentication. The following HTTP headers are sent by the client:

GET /owa/ HTTP/1.1 -

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

User-Agent: curl/7.26.0 -

Host: 10.0.0.14 -

Accept: */*

Accept-EncodinG. gzip,deflate -

The web server is responding with the following HTTP headers:

HTTP/1.1 401 Unauthorized -

Content-TypE. text/html -

Server: Microsoft-IIS/7.5 -

WWW-AuthenticatE. NTLM -

DatE. Wed, 16 Aug 1977 19:12:31 GMT

Content-LengtH. 1293 -

The client has checked the login credentials and believes the correct details are being entered.

What is the reason the destination web server is sending an HTTP 401 response?

    Correct Answer: D

    The web server is sending an HTTP 401 Unauthorized response because it expects NTLM authentication, as indicated by the 'WWW-Authenticate: NTLM' header. However, the client is using Basic Authentication, as indicated by the 'Authorization: Basic' header. The mismatch in authentication mechanisms is causing the server to deny access.

Discussion
GVKDOption: D

D - Correct. Server is expecting NTLM Authentication, and the client is using Basic Authentication.