Alekos wants to control access to iPads used throughout his organization as point-of-sale terminals. Which of the following methods should he use to allow logical access control for the devices in a shared environment?
Answer Options
Use a shared PIN for all point-of-sale terminals to make them easier to use.
Use OAuth to allow cloud logins for each user.
Issue a unique PIN to each user for the iPad they are issued.
Use Active Directory and user accounts for logins to the iPads using the AD user ID and password.
Correct Answer: D
Explanation
Using an enterprise authentication system like Active Directory that requires individuals to log in with their credentials provides the ability to determine who was logged in if a problem occurs and also allows Alekos to quickly and easily remove users who are terminated or switch roles. Using a shared PIN provides no accountability, while unique PINs per user on specifically issued iPads mean that others will not be able to log in. OAuth alone does not provide the services and features needed—it is an authorization service, not an authentication service.