A security architect has been assigned to a new digital transformation program. The objectives are to provide better capabilities to customers and reduce costs. The program has highlighted the following requirements: Long-lived sessions are required, as users do not log in very often. The solution has multiple SPs, which include mobile and web applications. A centralized IdP is utilized for all customer digital channels. The applications provide different functionality types such as forums and customer portals. The user experience needs to be the same across both mobile and web-based applications. Which of the following would BEST improve security while meeting these requirements?
A) Social login to IdP, securely store the session cookies, and implement one-time passwords sent to the mobile device
B) Create-based authentication to IdP, securely store access tokens, and implement secure push notifications.
C) Username and password authentication to IdP, securely store refresh tokens, and implement context-aware authentication.
D) Username and password authentication to SP, securely store Java web tokens, and implement SMS OTPs.
Correct Answer:
Verified
Q113: A security analyst who is concerned about
Q114: During a criminal investigation, the prosecutor submitted
Q115: After several industry comnpetitors suffered data loss
Q116: Which of the following describes a contract
Q117: Following a recent data breach, a company
Q119: An organization's Chief Financial Officer (CFO) was
Q120: With which of the following departments should
Q121: After the departure of a developer under
Q122: A project manager is working with a
Q123: A development team is testing an in-house-developed
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents