Which of the following is the default authentication mode for IIS?
2022
Which of the following is the default authentication mode for IIS?
- A.
Anonymous
- B.
Windows
- C.
Basic authentication
- D.
None of these
Attempted by 34 students.
Show answer & explanation
Correct answer: A
Correct answer: Anonymous authentication
Explanation:
Anonymous authentication is enabled by default in IIS and allows users to access content without providing credentials.
By default, anonymous requests are processed using the built-in IUSR account or the application pool identity depending on IIS version and configuration.
Other authentication modes such as Windows Authentication and Basic Authentication are disabled by default.
Security note: Basic Authentication sends credentials encoded in base64 (not encrypted). If you enable it, always use HTTPS. Use Windows Authentication for integrated domain scenarios where NTLM/Kerberos is required.
How to change authentication in IIS:
Open IIS Manager and select the site or application.
Double-click Authentication in the Features View.
Enable or disable the desired authentication methods (for example, enable Windows Authentication to require domain credentials).