exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 400 discussion

Actual exam question from CompTIA's CAS-004
Question #: 400
Topic #: 1
[All CAS-004 Questions]

A security engineer needs to implement a cost-effective authentication scheme for a new web-based application that requires:

• Rapid authentication
• Flexible authorization
• Ease of deployment
• Low cost but high functionality

Which of the following approaches best meets these objectives?

  • A. Kerberos
  • B. EAP
  • C. SAML
  • D. OAuth
  • E. TACACS+
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Steel16
1 week, 3 days ago
Selected Answer: D
o Rapid authentication: OAuth allows users to authenticate quickly by leveraging existing credentials from social media platforms or other trusted services, eliminating the need to create separate accounts or passwords for the new application. o Flexible authorization: OAuth provides granular control over which resources a third-party application can access, allowing for fine-grained authorization based on user roles and permissions. o Ease of deployment: OAuth is relatively simple to implement for developers, requiring minimal setup and integration with existing identity providers. o Low cost but high functionality: OAuth is an open standard with widely available libraries and support, making it a cost-effective solution with a high level of functionality.
upvoted 1 times
Steel16
1 week, 1 day ago
o C. SAML: SAML offers robust authentication and attribute exchange but can be more complex to implement and manage than OAuth, especially for smaller or less technical organizations. It may not be as readily adopted by users familiar with social logins.
upvoted 1 times
...
...
grelaman
5 months, 2 weeks ago
Selected Answer: C
SAML is an open standard for Authentication and Authorization Rapid Authentication Flexible Authorization via attribute statements in assertions. Ease of Deployment with widespread support and available tools. Low Cost and High Functionality as an open standard with robust features. Why Not OAuth: OAuth provides delegated authorization. Does not handle user authentication on its own; it relies on an authentication mechanism like OpenID Connect. Without OpenID Connect, OAuth cannot fulfill the authentication requirement specified, and OpenID is not a choice here.
upvoted 1 times
...
041ba31
9 months, 3 weeks ago
Selected Answer: D
The best answer is D. OAuth. OAuth provides a cost-effective, flexible, and easy-to-deploy authentication scheme that allows for rapid authentication and flexible authorization, making it well-suited for web-based applications.
upvoted 2 times
...
cf13076
10 months, 4 weeks ago
For the CASP+ exam, the most suitable approach given the requirements of rapid authentication, flexible authorization, ease of deployment, low cost, and high functionality for a web-based application would indeed be **D. OAuth**. OAuth is well-suited for delegated authorization and authentication in web-based applications. It enables users to grant access to their resources without disclosing their credentials directly. OAuth offers rapid authentication, flexible authorization through scopes, ease of deployment due to its widespread adoption and support, and it often comes with low implementation costs. While the other options may provide authentication and authorization capabilities, they might not fulfill all the specified criteria as effectively as OAuth does in this scenario.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago