MongoDB Security Questions Answers

Connect with

Which of these authentication methods will fail if a server is started with the following options?

$ mongod --auth
$ mongo
> use admin
> db.createUser({user: 'ranjeet', pwd: 'password!2', roles: ['root']})

Check all that apply:

a.

$ mongo -u mysoftkey-p password

b.

$ mongo admin -u mysoftkey -p password

c.

$ mongo
> db.auth('mysoftkey', 'password')

d.

$ mongo
> use admin
> db.auth('mysoftkey', 'password')

Ans: a and c

Explanation:

The authentication methods that will fail for the given server configuration are:

  •  
    $ mongo -u ranjeet -p password
    

    A user must authenticate to the database they were created on. This command will fail because ‘ranjeet’ was created on the admin database, but mongo attempts to connect to the test database unless otherwise specified.

  • $ mongo
    > db.auth('ranjeet', 'password')
    

    You are allowed to connect to a server that has authorization enabled without authenticating first. The seccond command will fail however because you’ll be connected to the test database and ranjeet was created on the admin database.

  • The authentication methods that will succeed for the given server configuration are:
    $ mongo admin -u ranjet -p password
    $ mongo
    > use admin
    > db.auth('ranjeet', 'password')
    

Connect with

Leave a Comment

Your email address will not be published. Required fields are marked *