CompTIA Security Plus Mock Test Q775

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

A. Separation of duties
B. Least privilege
C. Same sign-on
D. Single sign-on


Correct Answer: C
Section: Application, Data and Host Security

Explanation
Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.

Incorrect Answers:
A: Separation of duties is the division of administrative tasks and their assignment to different administrators. This ensures that no one user has complete access or power over an
entire network, server, or system. This is not an authentication system.
B: The principle of least privilege is used to ensure that users are only provided with the minimum privileges and permissions that allow them to perform their duties. This is not an
authentication system.
D: Single sign-on does not require users to re-enter their credentials once they have logged on locally.

References:
http://blogs.technet.com/b/jeff_stokes/archive/2013/07/08/today-s-cloud-tip-same-sign-on-vs-single-sign-on.aspx
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 149-150, 153
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 82, 289