Which of the following describes the major disadvantage of many Single Sign-On (SSO) implementations?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
Single Sign-On is a distrubuted Access Control methodology where an individual only has to authenticate once and would have access to all primary and secondary network domains.
The individual would not be required to re-authenticate when they needed additional resources.
The security issue that this creates is if a fraudster is able to compromise those credential they too would have access to all the resources that account has access to.
All the other answers are incorrect as they are distractors.
Single Sign-On (SSO) is a mechanism that allows users to authenticate once and access multiple resources or applications without having to re-authenticate. SSO can improve usability, user experience, and security by reducing the number of passwords that users need to remember and decreasing the risk of password-related issues such as weak passwords, password reuse, or password sharing.
The major disadvantage of many SSO implementations is option A: "Once an individual obtains access to the system through the initial log-on, they have access to all resources within the environment that the account has access to."
This means that if a user's account is compromised or if an attacker gains access to the SSO credentials, they will have access to all resources that the user has access to. This can include sensitive data, systems, and applications that may cause severe damage to the organization if they fall into the wrong hands. Additionally, this also means that there is no differentiation between high-risk and low-risk resources, and all resources are treated equally.
This is a significant security risk, as attackers only need to obtain one set of credentials to gain access to an entire system or network. It can also make it challenging to track and monitor user activity, as all access is granted through a single account. Furthermore, this can also create compliance issues for organizations that are required to enforce separation of duties or need to provide audit trails for regulatory purposes.
Options B, C, and D are not accurate descriptions of the major disadvantage of many SSO implementations. Option B suggests that the initial logon process is cumbersome to discourage potential intruders, but this is not a disadvantage of SSO itself. Option C describes one of the benefits of SSO, where users only need to logon to some applications, and option D is not an accurate statement since SSO allows users to access multiple resources without having to log out of other systems.