While attending a meeting with the human resources department, an organization’s information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use.
Additionally, each password has specific complexity requirements and different expiration time frames. Which of the following would be the BEST solution for the information security officer to recommend?
A. Utilizing MFA
B. Implementing SSO
C. Deploying 802.1X
D. Pushing SAML adoption
E. Implementing TACACS
B. Implementing SSO… various methods can implement SSO.
SAML can be used for SSO.
Kerberos can be used for SSO.
OpenID can be used for SSO.
https://en.wikipedia.org/wiki/Single_sign-on
D is the best answer imo.
SAML works by transferring the user’s identity from one place (the identity provider) to another (the service provider) using SSO. It’s more robust as an answer than implementing SSO alone.
SAML on its own does not do anything. It is what SSO solutions, such as Shibboleth, use to enforce and provide SSO. SAML is just a language. It is concerning that you’re taking this exam and saying that.
B ?