Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 114 discussion

Actual exam question from ISC's CISSP
Question #: 114
Topic #: 1
[All CISSP Questions]

What is the MOST effective method to enhance security of a single sign-on (SSO) solution that interfaces with critical systems?

  • A. Two-factor authentication
  • B. Reusable tokens for application level authentication
  • C. High performance encryption algorithms
  • D. Secure Sockets Layer (SSL) for all communications
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by dev46 at Sept. 22, 2022, 4:10 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
scoobysnack209
4 weeks ago
The answer is D. SSO does not required additional authentication or verification.
upvoted 1 times
...
Bach1968
1 year, 4 months ago
Selected Answer: A
The MOST effective method to enhance the security of a single sign-on (SSO) solution that interfaces with critical systems is: A. Two-factor authentication Two-factor authentication (2FA) adds an additional layer of security to the authentication process by requiring users to provide two forms of identification: something they know (e.g., a password) and something they have (e.g., a physical token or a mobile device). This approach significantly reduces the risk of unauthorized access even if the user's password is compromised.
upvoted 1 times
...
HughJassole
1 year, 5 months ago
A. Once you're in sso you can go anywhere without prompts, that's the whole point. So the security is up front at login, MFA is a great way to increase security. Everything should be ssl/tls too.
upvoted 2 times
...
Ivanchun
1 year, 11 months ago
Selected Answer: A
SSO with Two Factor Authentication is common
upvoted 1 times
jackdryan
1 year, 6 months ago
A is correct
upvoted 1 times
...
...
Jamati
2 years ago
Selected Answer: A
You may enable SS/TLS, but if an attacker already knows the password then what's the point?
upvoted 1 times
...
dev46
2 years, 2 months ago
Selected Answer: A
B and C are easily eliminated A and D both sound right. But A could be right considering the keyword "enhance" - I would assume SSL is already in place for securing data to/ from critical systems. So, validating user authentication with multi-factor sounds right.
upvoted 2 times
franbarpro
2 years, 1 month ago
Also SSL has that heartbleed bug (https://heartbleed.com/) which why SSL is being replaced by TLS. So, Def. "A"
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel