nerdexam
EC-Council

312-50V9 · Question #327

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

The correct answer is D. Single sign-on. Single sign-on (SSO) uses a central authentication server to authenticate users once and grant seamless access to multiple connected systems without repeated logins.

Introduction to Ethical Hacking

Question

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

Exhibit

312-50V9 question #327 exhibit

Options

  • ARole Based Access Control (RBAC)
  • BDiscretionary Access Control (DAC)
  • CWindows authentication
  • DSingle sign-on

How the community answered

(34 responses)
  • A
    6% (2)
  • B
    6% (2)
  • C
    3% (1)
  • D
    85% (29)

Why each option

Single sign-on (SSO) uses a central authentication server to authenticate users once and grant seamless access to multiple connected systems without repeated logins.

ARole Based Access Control (RBAC)

Role Based Access Control (RBAC) is an authorization model that assigns permissions based on a user's assigned role, not a mechanism for centralizing authentication or eliminating repeated logins across systems.

BDiscretionary Access Control (DAC)

Discretionary Access Control (DAC) lets individual resource owners define who may access their resources, but it has no concept of a central authentication server or single-login capability.

CWindows authentication

Windows authentication refers to specific protocols like NTLM or Kerberos within a Windows domain and is not a general-purpose multi-system single-login mechanism applicable across heterogeneous environments.

DSingle sign-onCorrect

Single sign-on implements a central authentication server (CAS) where a user provides credentials once and receives a token or session that is trusted by all connected systems. This federates identity across applications so the user never re-authenticates per system. The CAS is the authoritative validator, and downstream services accept its proof of identity rather than managing their own credential stores.

Concept tested: Single sign-on centralized authentication mechanism

Source: https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on

Topics

#Single Sign-On#CAS#authentication#access control

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice