Workshop 4: User Lifecycle Mgmt | Lesson 1 of 9 | Authenticate Users Flashcards
Acme Inc. has recently upgraded to the Business+ plan and would like to use Google Workspace as an identity provider (IDP). In order to encourage product adoption, they’d like to pre-provision users with their IDP so everyone receives Slack messages even before logging in for the first time.
What authentication setting would you recommend?
SAML SSO through Okta
Google Workspace Auth using OAuth 2.0
Slack login with 2-factor authentication enabled
SAML SSO through Google
SAML SSO through Google
only Google SAML SSO will allow pre-provisioning of users without other custom development.
(Q)Single sign-on (SSO) is:
A password manager that allows users to automatically sign in without remembering a password.
A system that uses trusted third parties to securely authenticate users with multiple applications/websites by logging in only once.
A system entity that creates, maintains, and manages identity information for principals while providing authentication services to relying applications within a federation or distributed network.
A system that uses trusted third parties to securely authenticate users with multiple applications/websites by logging in only once.
Syncing to an SSO provider allows users to automatically log in to multiple tools through their SSO credentials.
Which of the following features are supported by Google Auth?
Select the 2 correct responses.
Pre-provisioning/Custom SCIM profile fields/Syncing of email address and display name/Automatic user deactivation/Just-in-time provisioning
Syncing of email address and display name, Just-in-time provisioning
Which of the following is FALSE about Security Assertion Markup Language (SAML)?
It is an open standard that allows identity providers to pass authorization credentials to service providers.
Its purpose is to allow one system to assert a user’s identity to another system after verifying their identity.
SAML delivers usernames and passwords from identity providers to service providers.
SAML simplifies federated authentication and authorization processes for users, identity providers, and service providers.
It is an open standard that allows identity providers to pass authorization credentials to service providers.
SAML simplifies federated authentication and authorization processes for users, identity providers, and service providers. It offers a secure method of passing user authentications and authorizations between the IDP and the SP without exposing login credentials like usernames and passwords.
TRUE OR FALSE: If you set SSO up as required after your users already have accounts, they will receive an email prompting them to connect (or “bind”) their Slack accounts with your IDP.
TRUE, If you make a change to your SSO configurations (including changing SSO providers) or enable SSO as required after users already have Slack accounts (upgrading plans, for example), your users will receive an email that asks them to connect, or (re)bind, their Slack accounts with your IDP.
Benefits of ?
Users are more likely to create a stronger passphrase & not write it down
SSO gives orgs more control over their team directories
Signe-up & login process is easier, promoting higher adoption
User only needs to remember 1 set of credentials
Users w/ just 1 password won’t require assistance as often
Orgs can easily add & remove Users’ access to multiple applications at once
Drawbacks of ?
A single password, once compromised, could be security rise
You will need to provide IT support for an integration w/ a svc partner
A license w/ an identity provider requires additional budget
Which of the following about 2FA is FALSE?
You’ll need access to your mobile phone when you sign in to Slack.
You can choose to receive a phone call to sign in to Slack.
You’ll enter your password and a verification code each time you sign in.
You can choose to receive a verification code via text message or via an authentication app.
You can choose to receive a phone call to sign in to Slack.
