CAS-001 Question #433: Real Exam Question with Answer & Explanation
The correct answer is E: Ensure the SaaS provider supports directory services federation.
Question
Options
- A. Ensure the SaaS provider supports dual factor authentication.
- B. Ensure the SaaS provider supports encrypted password transmission and storage.
- C. Ensure the SaaS provider supports secure hash file exchange.
- D. Ensure the SaaS provider supports role-based access control.
- E. Ensure the SaaS provider supports directory services federation.
Explanation
The core risk identified is the burden and security exposure of managing a separate set of credentials for the SaaS CRM. Directory services federation (E) - using standards like SAML, OAuth, or OpenID Connect - allows the SaaS provider to trust the organization's existing identity provider (e.g., Active Directory). Users authenticate once with their corporate credentials, and the federation passes an assertion to the SaaS platform. This eliminates separate passwords entirely. Dual factor authentication (A) and encrypted password transmission (B) improve security but still require separate credentials. Secure hash file exchange (C) is not a credential management solution. RBAC (D) manages authorization, not authentication credentials.