A security architect has been assigned to a new digital transformation program.

Question

A security architect has been assigned to a new digital transformation program. The objectives are to provide better c reduce costs. The program has highlighted the following requirements 1. Long-lived sessions are required, as users do not log in very often 2. The solution has multiple SPs, which include mobile and web applications 3. A centralized IdP is utilized for all customer digital channels 4. The applications provide different functionality types such as forums and customer portals 5 The user experience needs to be the same across both mobile and web-based applications Which of the following would BEST improve security while meeting these requirements? Social login to ldP, securely Certificate-based authentication to ldP, securel Username and password authentication to ldP, securely store Username and password authentication to SP, securely store Java web tokens, and store the session cookies, and implement one-time passwords sent to the mobile device y store access tokens, and implement secure push notifications efresh tokens, and implement context-aware authentication implement SMS OTPs

Explanation / Answer

B - Reason - Digital Certificates are required for for all Digital Customer channels and securely store access tokens as customers dont login very often so these tokens can be used to identify the users for long sessions. Secure Push notifications will allow uniform access for both Mobile and Web based applications so user experience will remain same.

Please let me know in case of any clarifications required. Thanks!

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.