A security architect has been assigned to a new digital transformation program. The objectives are to provide better capabilities to customers and reduce costs.
The program has highlighted the following requirements:
✑ Long-lived sessions are required, as users do not log in very often.
✑ The solution has multiple SPs, which include mobile and web applications.
✑ A centralized IdP is utilized for all customer digital channels.
✑ The applications provide different functionality types such as forums and customer portals.
✑ The user experience needs to be the same across both mobile and web-based applications.
Which of the following would BEST improve security while meeting these requirements?
A. Social login to IdP, securely store the session cookies, and implement one-time passwords sent to the mobile device.
B. Certificate-based authentication to IdP, securely store access tokens, and implement secure push notifications.
C. Username and password authentication to IdP, securely store refresh tokens, and implement context-aware authentication.
D. Username and password authentication to SP, securely store Java web tokens, and implement SMS OTPs.
Answer: A