6 CISA Single Sign On (SSO) Questions with Answers and Explanations

Question 1 - ID: 7813031
An organization is introducing a single sign-on (SSO) system. Under the SSO system, users will be required to enter only one user ID and password for access to all application systems. A major risk of using single sign-on (SSO) is that:
Select one
 
A.
B.
C.
D.
Answer and explanation:
Single sign-on (SSO) is a user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. This constitutes a risk of a single point of failure. The impact will be greater, since the hacker needs to know only one password to gain access to all the related applications; this causes greater concern than if only the password to one of the systems is known. SSO improves the administrator’s ability to manage users’ accounts. SSO reduces the time users take to log into multiple applications and the workload of security administration.
Question 2 - ID: 3613029
An organization is introducing a single sign-on (SSO) system. Under the SSO system, users will be required to enter only one user ID and password for access to all application systems. A major risk of using single sign-on (SSO) is that it:
Select one
 
A.
B.
C.
D.
Answer and explanation:
SSO acts as a single authentication point for multiple applications, which constitutes a risk of a single point of failure. The primary risk associated with single sign-on is the single authentication point. A single point of failure provides a similar redundancy to the single authentication point. However, failure can also be due to other reasons. So the more specific answer to this question is option A.
Question 3 - ID: 4313032
An organization is introducing a single sign-on (SSO) system. Under the SSO system, users will be required to enter only one user ID and password for access to all application systems. To prevent unauthorized access, the MOST important action is to:
Select one
 
A.
B.
C.
D.
Answer and explanation:
A strong password policy is the better preventive control. The other options are good practice but may not be able to address the risk of unauthorized access if the password is compromised.
Question 4 - ID: 7913030
An organization is introducing a single sign-on (SSO) system. In SSO, unauthorized access:
Select one
 
A.
B.
C.
D.
Answer and explanation:
Single sign-on (SSO) is a user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. This constitutes a risk of a single point of failure. The impact will be greater, since the hacker needs to know only one password to gain access to all the related applications; this causes greater concern than if only the password to one of the systems is known. The introduction of SSO has no bearing on the possibility (higher or lower) of unauthorized access.
Question 5 - ID: 5113033
Which of the following is the most important benefit of single sign-on?
Select one
 
A.
B.
C.
D.
Answer and explanation:
Easier administration of changing or deleting passwords is the major advantage of implementing SSO. The advantages of SSO include having the ability to use stronger passwords, easier administration of changing or deleting the passwords, and requiring less time to access resources.
Question 6 - ID: 2013034
The risk of unauthorised access can be best controlled by:
Select one
 
A.
B.
C.
D.
Answer and explanation:
Kerberos is a network authentication protocol for client-server applications that can be used to restrict access to the database to authorized users. Vitality detection and multimodal biometrics are controls against spoofing and mimicry attacks. Before-image/after-image logging of database transactions is a detective control, as opposed to Kerberos, which is a preventative control.
