匿名访问（IIS）和SQL Server

I just had an interview in Redmond where they asked me a ton of security based questions surrounding asp.net. One of the questions they asked was about configuring a secure intranet application to use constrained delegation to access the SQL Server. In this scenario an AD user account is delegated access to the SQL Server. The whole purpose of course is to a) not store any username/password anywhere on the web server (web.config), and b) provide an abstracted security model that can be managed in Active Directory.I just had an interview in Redmond where they a