Chapter 3: Internal Authentication
Learning Activity: Why is Internal Authentication Important?
There is a small company called Bingo that uses a replica set to store customer account data. However, their replica set does not use internal authentication, which exposes their data to outside intruders.
Sort the following steps so they follow the process a hacker would use to exploit a replica set that doesn’t use internal authentication.
The first step is given to you here:
Gain access to the login credentials for the clusterAdmin user of the replica set.
Note: ClusterAdmin doesn’t grant the privilege to read data, but it does grant the privilege to create a secondary member that reads data.
Attempts Remaining:2 Attempts left
Authenticate as the cluster administrator.
Connect to the primary member of the replica set.
Deploy and add the rogue member to the replica set.
Not able to try remaining 2 attempts