Examice

Exam CAS-004 All QuestionsBrowse all questions from this exam

Question 229

Company A acquired Company B. During an initial assessment, the companies discover they are using the same SSO system. To help users with the transition. Company A is requiring the following:

• Before the merger is complete, users from both companies should use a single set of usernames and passwords.

• Users in the same departments should have the same set of rights and privileges, but they should have different sets of rights and privileges if they have different IPs.

• Users from Company B should be able to access Company A's available resources.

Which of the following are the BEST solutions? (Choose two.)

Installing new Group Policy Object policies

Establishing one-way trust from Company B to Company A

Enabling SAML

Implementing attribute-based access control

Installing Company A’s Kerberos systems in Company B's network

Updating login scripts

Correct Answer: B, C

To address the requirements, enabling SAML allows users from both companies to use a single set of usernames and passwords, facilitating a unified access mechanism. Implementing attribute-based access control ensures that users in the same departments have the same set of rights and privileges, while different sets of rights and privileges can be provided based on different IP addresses. These solutions together meet the criteria of unifying login credentials and providing granular access control based on attributes like IP addresses.

Discussion

FoxTrotDGOptions: CD

By enabling SAML, you create a federated identity management system that allows users from both companies to use a single set of usernames and passwords. It also addresses the requirement for users from Company B to access Company A's available resources. Implementing attribute-based access control provides control based on various attriburtes, including IP addresses. This allows users in the same departments to have the same set of rights and privileges while giving different sets of rights and privileges to users with different IPs.

HazycoreOptions: BD

B. Establishing one-way trust from Company B to Company A D. Implementing attribute-based access control

p1s3cOptions: BD

B. Establishing one-way trust from Company B to Company A D. Implementing attribute-based access control Establishing one-way trust from Company B to Company A will allow users in Company B to authenticate and access Company A's resources. Implementing attribute-based access control (ABAC) will enable users in the same departments to have the same set of rights and privileges, but with different sets of rights and privileges based on their IP addresses.

Amin4799Options: BD

BD okay for me....

Trap_D0_rOptions: CD

Don't be confused by "B" or how one-way trust works. The answer doesn't say "Establish one way trust in the correct direction" it says "establish one way trust FROM company B TO company A." If I have a trust relationship from B to A, that means that B trusts A, OR: A can access all of Bs resources--this is the opposite of what I want to have happen. Therefore the only relevant answers are C/D.

AnarckiiOptions: BD

Companies are already using SSO or it would be CD. So you would want the one way trust and access control

armid

SSO doesnt automatically mean SAML. They are just saying they use same type of SSO, which could mean both compnaines are using their own Kerberos SSO. Just speculating,

nuel_12Options: BD

if there is SSO already it means the is definitly SAML or Open id activated, ir you read about merger and acquisition you will understand that for two companies to operate the must establish trust first before each company can share resource A one-way trust can be useful in a merger and acquisition scenario when the two companies want to share some resources and services, but also maintain some level of autonomy

Ariel235788Options: CD

ChatGPT: To address the requirements and facilitate the transition between Company A and Company B, the following solutions would be the best choices: C. Enabling SAML (Security Assertion Markup Language): SAML is a standardized protocol for single sign-on (SSO) and identity federation. Enabling SAML allows users from both companies to use a single set of usernames and passwords to access resources. It provides a seamless and secure authentication process. D. Implementing attribute-based access control: Attribute-based access control (ABAC) is a flexible access control model that can be used to manage rights and privileges based on various attributes, including IP addresses. It can ensure that users in the same departments have the same set of rights and privileges, but different sets of rights and privileges based on IP addresses. ABAC provides fine-grained access control.

CockOptions: BE

Establishing a one-way trust between Company B and Company A will allow users from Company B access to Company A's resources. This will help facilitate the transition and allow for a seamless integration of both companies' systems. Installing Company A's Kerberos system in Company B's network will help ensure that users from both companies use a single set of usernames and passwords. This will help simplify the transition for users and reduce the risk of confusion and errors.

EAlonsoOptions: BD

B. as C is Federated but B is most precise D. Access Control

imatherOptions: CD

Enabling SAML allows for federated identity, so a single set of usernames and passwords can be used across the new enterprise. Implementing ABAC satisfies both the second and third requirements.

isaphiltrick

What bothers me about C - Enable SAML is that both companies are already using the same SSO system. Wouldn't SAML already be set up?