When discussing the security of SSO systems which of the fol

When discussing the security of SSO systems, which of the following is considered a disadvantage?

A. Single sign-on requires much more maintenance and overhead because all systems are tied together.

B. The biggest disadvantage to single sign-on is that system time on all systems must be held to very tight standards; if deviated from, this can cause serious access problems.

C. There are no real disadvantages to single sign-on.

D. If single sign-on is breached, it offers the intruder access to all systems tied to the SSO implementation.

Solution

D. Single sign-on (SSO) offers the attacker potential access to many systems tied to SSO when authenticated only once. Answer A is incorrect because it is can be breached and offers the intruder access to all systems. SSO does not require much more maintenance and overhead. Answer B is incorrect because although SSO systems such as Kerberos do require clock synchronization, this is not the overriding security issue. Answer C is incorrect because all systems have some type of flaw or drawback