CompTIA Security Plus Mock Test Q924

After Ann, a user, logs into her banking websites she has access to her financial institution mortgage, credit card, and brokerage websites as well. Which of the following is being described?

A. Trusted OS
B. Mandatory access control
C. Separation of duties
D. Single sign-on


Correct Answer: D
Section: Access Control and Identity Management

Explanation:
Single sign-on means that once a user (or other subject) is authenticated into a realm, re-authentication is not required for access to resources on any realm entity. The question states
that when Ann logs into her banking websites she has access to her financial institution mortgage, credit card, and brokerage websites as well. This describes an SSO scenario.

Incorrect Answers:
A: Trusted OS requires a particular OS to be present in order to gain access to a resource.
B: Mandatory Access Control allows access to be granted or restricted based on the rules of classification.
C: Separation of duties divides administrator or privileged tasks into separate groupings.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 82, 246, 278, 284