Exam CAS-004 topic 1 question 577 discussion

Actual exam question from CompTIA's CAS-004
Question #: 577
Topic #: 1

A security architect is making recommendations for a new system that will be built to store and exchange health records. The application will be a single-page application that calls server-side, web-based API endpoints. Due to compliance implications, the system must meet the following security requirements:

• Resistance to session takeover attacks
• Able to revoke access if a system compromise is suspected
• Able to authenticate the user by employing best practices

Which of the following should the architect do to best meet the requirements?

  • A. Implement OpenID Connect with granular scopes for data access.
  • B. Leverage OAuth with the implicit Grant type.
  • C. Configure role-based access control using LDAP.
  • D. Utilize Kerberos to implement role-based access control.
  • E. Use the Extensible Authentication Protocol.
Suggested Answer: A

Comments

Bright07
3 months ago
Selected Answer: A
A. Implement OpenID Connect with granular scopes for data access. OpenID Connect (OIDC) is a widely adopted identity layer built on top of OAuth 2.0 that provides authentication services. OIDC allows for secure user authentication and supports session management with features such as session expiration and revocation, helping mitigate session takeover risks. By using granular scopes, the system can define fine-grained permissions for data access, helping to meet the requirement for controlling access and ensuring compliance with data handling practices. It also supports the ability to revoke access if a system compromise is suspected, as OAuth 2.0 allows for token revocation.
upvoted 3 times
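
An added example, not part of the comment above or of the exam material: a sketch of the check an API endpoint makes when granular scopes and token revocation are combined. It models RFC 7662 introspection and RFC 7009 revocation with an in-memory store; the scope names, token strings and helper names are assumptions made for illustration.

```python
import time

# Hypothetical in-memory stand-in for the authorization server's token store.
# Field names follow the RFC 7662 introspection response (active, scope, exp, sub).
TOKENS = {}

def issue(token, sub, scope, ttl, now=None):
    """Constructed helper: record a token with space-separated scopes and a lifetime."""
    now = time.time() if now is None else now
    TOKENS[token] = {"active": True, "sub": sub, "scope": scope, "exp": now + ttl}

def revoke(token):
    """Models RFC 7009 revocation: the token stops being active immediately."""
    if token in TOKENS:
        TOKENS[token]["active"] = False

def introspect(token, now=None):
    """Models RFC 7662: unknown, revoked and expired tokens all report active=False."""
    now = time.time() if now is None else now
    rec = TOKENS.get(token)
    if rec is None or not rec["active"] or rec["exp"] <= now:
        return {"active": False}
    return dict(rec)

def authorize(token, required_scope, now=None):
    """Resource-server check for one API endpoint: returns (allowed, detail)."""
    info = introspect(token, now)
    if not info["active"]:
        return False, "invalid_token"        # RFC 6750 error, HTTP 401
    if required_scope not in info["scope"].split():
        return False, "insufficient_scope"   # RFC 6750 error, HTTP 403
    return True, info["sub"]

if __name__ == "__main__":
    # Constructed sample: a read-only token for a health-records API.
    issue("tok-nurse", "nurse-17", "records:read", ttl=300)
    print(authorize("tok-nurse", "records:read"))    # allowed
    print(authorize("tok-nurse", "records:write"))   # scope too narrow
    revoke("tok-nurse")                              # compromise suspected
    print(authorize("tok-nurse", "records:read"))    # rejected after revocation
```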
Community vote distribution
A (35%)
C (25%)
B (20%)
Other