Interested to Buy Any Domain ? << Click Here >> for more details...
A MAJOR risk of using single sign-on (SSO) is that it:
A. has a single authentication point.
B. represents a single point of failure.
C. causes an administrative bottleneck.
D. leads to a lockout of valid users.
- 1 Answers
- 10163 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The primary risk associated with single sign-on is the
single authentication point. If a password is compromised,
access to many applications can be obtained without further
verification. A single point of failure provides a similar
redundancy to the single authentication point. However,
failure can occur at multiple points, such as, data, process
or network. An administrative bottleneck may result when the
administration is centralized in a single step entry system.
This is therefore an advantage. User lockout can occur with
any password authentication system and normally is remedied
swiftly by the security administrator resetting the account.
| Is This Answer Correct ? | 6 Yes | 0 No |
The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers
The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.
Which of the following is the MOST important consideration when developing a business continuity plan for a bank? A. Antivirus software B. Naming standards C. Customer balance list D. Password policy
An IS auditor should be involved in: A. observing tests of the disaster recovery plan. B. developing the disaster recovery plan. C. maintaining the disaster recovery plan. D. reviewing the disaster recovery requirements of supplier contracts.
Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties? A. Job submission B. Resource management C. Code correction D. Output distribution
A hub is a device that connects: A. two LANs using different protocols. B. a LAN with a WAN. C. a LAN with a metropolitan area network (MAN). D. two segments of a single LAN.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
In a web server, a common gateway interface (CGI) is MOST often used as a(n): A. consistent way for transferring data to the application program and back to the user. B. computer graphics imaging method for movies and TV. C. graphic user interface for web design. D. interface to access the private gateway domain.
Which of the following audit tools is MOST useful to an IS auditor when an audit trail is required? A. Integrated test facility (ITF) B. Continuous and intermittent simulation (CIS) C. Audit hooks D. Snapshots
Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway
Which of the following should be the FIRST step of an IS audit? A. Create a flowchart of the decision branches. B. Gain an understanding of the environment under review. C. Perform a risk assessment. D. Develop the audit plan.
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
Cisco Certifications 
