The Open Group has defined functional objectives in support of a user single sign-on (SSO) interface.
Which of the following is NOT one of those objectives and would possibly represent a vulnerability?

A.
Provision for user-initiated change of nonuser-configured authentication information.

B.
Support shall be provided for a subject to establish a default user profile.

C.
The interface shall be independent of the type of authentication information handled.

D.
It shall not predefine the timing of secondary sign-on operations.

Explanation:
User configuration of nonuser-configured authentication mechanisms is not supported by the Open
Group SSO interface objectives. Authentication mechanisms include items such as smart cards and
magnetic badges. Strict controls must be placed to prevent a user from changing configurations that
are set by another authority. Objective a supports the incorporation of a variety of authentication
schemes and technologies. Answer c states that the interface functional objectives do not require
that all sign-on operations be performed at the same time as the primary sign on. This prevents the
creation of user sessions with all the available services even though these services are not needed by
the user. The creation of a default user profile will make the sign-on more efficient and less timeconsuming. In summary, the scope of the Open Group Single Sign-On Standards is to define services
in support of: The development of applications to provide a common, single end-user sign-on
interface for an enterprise. The development of applications for the coordinated management of
multiple user account management information bases maintained by an enterprise.