An organization is selecting a SaaS provider to replace its legacy, in-house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?
A. Ensure the SaaS provider supports dual-factor authentication.
B. Ensure the SaaS provider supports encrypted password transmission and storage.
C. Ensure the SaaS provider supports secure hash file exchange.
D. Ensure the SaaS provider supports role-based access control.
E. Ensure the SaaS provider supports directory services federation.
Answer: E
Explanation:
A SaaS application that has a federation server within the customer’s network that interfaces with the customer’s own enterprise user-directory service can provide single sign-on authentication. This federation server has a trust relationship with a corresponding federation server located within the SaaS provider’s network.
Single sign-on will mitigate the risk of managing separate user credentials.
Incorrect Answers:
A: Dual-factor authentication will provide identification of users via a combination of two different components. It will not, however, mitigate the risk of managing separate user credentials.
B: The transmission and storage of encrypted passwords will not mitigate the risk of managing separate user credentials.
C: A hash file is a file that has been converted into a numerical string by a mathematical algorithm, and has to be unencrypted with a hash key to be understood. It will not, however, mitigate the risk of managing separate user credentials.
D: Role-based access control (RBAC) refers to the restriction of system access to authorized users. It will not, however, mitigate the risk of managing separate user credentials.