CompTIA CASP+ (CAS-003) — Question 65

An organization is improving its web services to enable better customer engagement and self-service. The organization has a native mobile application and a rewards portal provided by a third party. The business wants to provide customers with the ability to log in once and have SSO between each of the applications.
The integrity of the identity is important so it can be propagated through to back-end systems to maintain a consistent audit trail. Which of the following authentication and authorization types BEST meet the requirements? (Choose two.)

Answer options

• A. SAML
• B. Social login
• C. OpenID connect
• D. XACML
• E. SPML
• F. OAuth

Correct answer: A, F

Explanation

The correct answers are A (SAML) and F (OAuth) because SAML is widely used for SSO in enterprise applications, providing secure identity propagation. OAuth, on the other hand, is an authorization framework that allows applications to obtain limited access to user accounts, which is also essential for integrating multiple services. The other options do not fulfill the requirement for secure, consistent identity management across the applications.