nerdexam
EC-Council

312-50V11 · Question #163

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

The correct answer is A. Single sign-on. Single sign-on (SSO) uses a Central Authentication Server to authenticate users once and issue access tokens that grant entry to multiple integrated systems without re-prompting for credentials.

Information Security and Ethical Hacking Fundamentals

Question

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

Options

  • ASingle sign-on
  • BWindows authentication
  • CRole Based Access Control (RBAC)
  • DDiscretionary Access Control (DAC)

How the community answered

(19 responses)
  • A
    89% (17)
  • B
    5% (1)
  • C
    5% (1)

Why each option

Single sign-on (SSO) uses a Central Authentication Server to authenticate users once and issue access tokens that grant entry to multiple integrated systems without re-prompting for credentials.

ASingle sign-onCorrect

SSO with a Central Authentication Server (CAS) authenticates the user a single time and issues a session token or ticket (such as a Kerberos TGT or SAML assertion) that is accepted by all participating systems, eliminating repeated logins while centralizing authentication management.

BWindows authentication

Windows Authentication refers to NTLM or Kerberos protocols specific to Microsoft environments and does not describe a vendor-neutral CAS architecture that federates authentication across heterogeneous systems.

CRole Based Access Control (RBAC)

RBAC is an authorization model that assigns permissions based on user roles, not an authentication mechanism; it does not provide centralized login or eliminate the need for separate credentials per system.

DDiscretionary Access Control (DAC)

DAC is an authorization model where resource owners control access permissions; it addresses who can access resources, not how users authenticate or how login sessions are federated.

Concept tested: Single sign-on centralized authentication server

Source: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/what-is-single-sign-on

Topics

#single sign-on#CAS#authentication#access control

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice