ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 325 discussion

Actual exam question from CompTIA's SY0-601
Question #: 325
Topic #: 1
[All SY0-601 Questions]

A security engineer is reviewing the logs from a SAML application that is configured to use MFA. During this review, the engineer notices a high volume of successful logins that did not require MFA from users who were traveling internationally. The application, which can be accessed without a VPN, has a policy that allows time-based tokens to be generated. Users who change locations should be required to reauthenticate but have been able to log in without doing so. Which of the following statements BEST explains the issue?

  • A. OpenID is mandatory to make the MFA requirements work.
  • B. An incorrect browser has been detected by the SAML application.
  • C. The access device has a trusted certificate installed that is overwriting the session token.
  • D. The user’s IP address is changing between logins, but the application is not invalidating the token.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by sdc939 at Feb. 7, 2023, 12:57 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ApplebeesWaiter1122
Highly Voted 1 year, 11 months ago
Selected Answer: D
The issue lies in the fact that the user's IP address is changing between logins due to international travel, but the application is not invalidating the token. This means that the previously issued token, which does not require MFA, remains valid even after the user has changed locations. As a result, the users can log in without going through the MFA process, violating the policy set by the application. The IP address is a common factor used to identify the location of the user. When a user's IP address changes significantly, it indicates a change in location. In this case, the application should have mechanisms in place to detect such changes and invalidate the existing token, requiring the user to reauthenticate and complete the MFA process for security purposes.
upvoted 15 times
...
Ranaer
Highly Voted 2 years, 2 months ago
Selected Answer: D
I believe A is straight up wrong. OpenID is not mandatory for MFA. I think B and C arent relevant. Thus I choose D.
upvoted 8 times
...
touisuzuki
Most Recent 1 year, 8 months ago
Selected Answer: D
D Unable to invalidating the token
upvoted 1 times
...
ganymede
2 years, 2 months ago
Selected Answer: D
D. Makes the most sense.
upvoted 3 times
...
sdc939
2 years, 3 months ago
D. The user’s IP address is changing between logins, but the application is not invalidating the token.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago