CAS-001 Question #257: Real Exam Question with Answer & Explanation
The correct answer is A: Users only have to remember one password.
Question
Options
- A. Users only have to remember one password.
- B. Applications need to validate authentication tokens.
- C. Authentication is secured by the certificate authority.
- D. Less time and complexity removing user access.
- E. All password transactions are encrypted.
Explanation
(A) With SSO, users authenticate once and gain access to all authorized systems - they only need to remember one strong password. This reduces password fatigue, which is a primary driver of weak passwords, password reuse, and insecure storage practices. Fewer passwords means a smaller attack surface from credential-related threats.

(D) When a user's access needs to be revoked (e.g., employee termination), SSO means administrators only need to disable a single account in one identity store. Without SSO, deprovisioning requires disabling accounts across every individual system, which is error-prone - a missed account in even one system leaves a security gap. Faster, more complete deprovisioning reduces the window of unauthorized access.

Option B (applications validating tokens) is a technical mechanism of SSO, not a security advantage per se. Option C (CA-secured authentication) is not inherently tied to SSO. Option E (encrypting password transactions) is not a specific SSO advantage - all modern authentication systems should encrypt credentials in transit.