CompTIA CASP+ (CAS-003) — Question 350

A company is moving all of its web applications to an SSO configuration using SAML. Some employees report that when signing in to an application, they get an error message on the login screen after entering their username and password, and are denied access. When they access another system that has been converted to the new SSO authentication model, they are able to authenticate successfully without being prompted for login.
Which of the following is MOST likely the issue?

Answer options

• A. The employees are using an old link that does not use the new SAML authentication.
• B. The XACML for the problematic application is not in the proper format or may be using an older schema.
• C. The web services methods and properties are missing the required WSDL to complete the request after displaying the login page.
• D. A threat actor is implementing an MITM attack to harvest credentials.

Correct answer: A

Explanation

The most probable cause is that the employees are accessing an outdated link that has not been updated to support the new SAML authentication, which is why they face login issues. The other options either relate to specific technical issues that would not solely affect the login process or involve scenarios that are less likely in this context.