Which of the following statement about single sign-on (SSO) is not true?
A. SSO enables users to log in once and gain access to resources across systems
B. Multiple user accounts registered across systems can achieve SSO
C. SSO may involve multiple logins across systems
D. SSO is achieved by maintaining only one account trusted across systems for each user
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. SSO is achieved by maintaining only one account trusted across systems for each user
Single sign-on enables users to log in once and gain access to multiple information system resources. (NIST SP 800-53 R4)
Single or Multiple Identities for each User?
A user may have multiple user accounts; each of them resides across identity providers. SSO can be achieved through scripted access/logon scripts or identity federation in this case.
SSO “can be” achieved by maintaining only one account trusted across systems for each user. Microsoft Active Directory is a good example.
SSO may involve multiple logins across systems
SSO enables “users” to login once, but it may involve multiple logins across systems in terms of a logon script.
The following is an example of logon script:
NET USE S: \\server1\share1 mypassword1 /user:firstname.lastname@example.org
NET USE T: \\server2\share2 mypassword2 /user:email@example.com
When Jack logged into the system, the logon script logs Jack into server1 and server2 respectively. From the perspective of Jack, he logged into the system once, but login happened three times technically.