CompTIA Security+ Question G-20

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

A. Separation of duties
B. Least privilege
C. Same sign-on
D. Single sign-on

Answer: C

Explanation:
Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.

CompTIA Security+ Question F-81

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the following would accomplish this?

A. Multi-factor authentication
B. Smart card access
C. Same Sign-On
D. Single Sign-On

Answer: D

Explanation:
Single sign-on means that once a user (or other subject) is authenticated into a realm, re-authentication is not required for access to resources on any realm entity. Single sign-on is able to internally translate and store credentials for the various mechanisms, from the credential used for original authentication.