Analyzing Online Ad Success

Questions and Answers

What was the purpose of the marketing team's proposed advertisement campaigns?

• To collect purchasing data
• To manually find patterns in the data
• To attract customers (correct)
• To develop a machine learning model

Why is it intractable for humans to handle the vast amount of purchasing data?

• The amount of data is too large (correct)
• The data is too complex
• Humans are not capable of analyzing patterns
• The data is unorganized

What is the purpose of developing a machine learning model?

• To collect purchasing data
• To manually find patterns in the data
• To automatically predict patterns and make predictions based on new scenarios (correct)
• To develop a marketing campaign

What is the difference between true single sign-on and same-sign on?

True single sign-on requires no authentication for each application, while same-sign on requires authentication for each application but with the same credentials. (C)

How can SSO be achieved over IP networks?

Using cookies if the sites share a common DNS parent domain. (D)

What is single sign-off (SLO)?

The property whereby a single action of signing out terminates access to multiple software systems. (B)

What is the recommended combination with SSO for increased security?

Strong authentication methods like smart cards and one-time password tokens. (D)

What is a potential negative impact of SSO?

SSO increases the negative impact in case credentials are available to other people and misused. (B)

What is the potential consequence of a loss of availability of SSO authentication systems?

Denial of access to all systems unified under the SSO. (D)

What is Covert Redirect?

A vulnerability that takes advantage of third-party clients susceptible to an XSS or Open Redirect. (D)

What is Security Assertion Markup Language (SAML)?

A protocol for exchanging user security information between an SAML identity provider and a SAML service provider, supporting XML encryption and service-provider-initiated web browser single sign-on exchanges. (D)

What is the difference between true single sign-on and same-sign on?

True single sign-on requires no re-entry of authentication factors, while same-sign on requires authentication for each application but with the same credentials. (C)

What is single sign-off (SLO)?

The property whereby a single action of signing out terminates access to multiple software systems. (D)

What should be combined with SSO to increase security?

Strong authentication methods like smart cards and one-time password tokens. (A)

What is a potential negative impact of SSO?

SSO increases the negative impact in case credentials are available to other people and misused. (B)

What is a vulnerability that can affect single sign-on protocols?

Covert Redirect, which takes advantage of third-party clients susceptible to an XSS or Open Redirect. (B)

What is Security Assertion Markup Language (SAML)?

A protocol for exchanging user security information between an SAML identity provider and a SAML service provider. (B)

What is a newer variation of SSO authentication that uses mobile devices as access credentials?

Authentication methods like OpenID Connect and SAML, in conjunction with an X.509 ITU-T cryptography certificate. (D)

What is a potential difficulty of SSO in countries with active censorship regimes?

SSO can cause difficulties in countries with active censorship regimes, where the third party website may not be actively censored but is effectively blocked if a user's social login is blocked. (D)

Flashcards are hidden until you start studying

Study Notes

Understanding Single Sign-On: Benefits, Criticisms, and Security Issues

• Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to multiple software systems without re-entering authentication factors.
• True single sign-on allows access to services without re-entering authentication factors, while same-sign on (Directory Server Authentication) requires authentication for each application but with the same credentials.
• SSO can be achieved over IP networks using cookies but only if the sites share a common DNS parent domain.
• Single sign-off (SLO) is the property whereby a single action of signing out terminates access to multiple software systems.
• SSO requires an increased focus on the protection of user credentials and should ideally be combined with strong authentication methods like smart cards and one-time password tokens.
• SSO increases the negative impact in case credentials are available to other people and misused.
• SSO makes the authentication systems highly critical, and a loss of their availability can result in denial of access to all systems unified under the SSO.
• SSO can cause difficulties in countries with active censorship regimes, where the third party website may not be actively censored but is effectively blocked if a user's social login is blocked.
• Single sign-on protocols are affected by vulnerabilities like Covert Redirect, which takes advantage of third-party clients susceptible to an XSS or Open Redirect.
• SSO can work without revealing identifying information such as email addresses to the relying party, but many credential providers do not allow users to configure what information is passed on.
• SSO can be configured for specific environments, such as Kerberos-based Windows, Unix/Linux, smart-card-based, Integrated Windows Authentication, and cross-platform Active Directory integration.
• SSO can also use Security Assertion Markup Language (SAML) for exchanging user security information between an SAML identity provider and a SAML service provider, supporting XML encryption and service-provider-initiated web browser single sign-on exchanges.
• A newer variation of SSO authentication has been developed using mobile devices as access credentials, which can be used to automatically log users onto multiple systems through the use of authentication methods like OpenID Connect and SAML, in conjunction with an X.509 ITU-T cryptography certificate.