CompTIA CASP+ Practice Test 2026 - Free CASP+ Practice Questions and Study Guide

Question: 1 / 565

To securely enable SSO in a new mobile application, what control must be implemented?

Local storage of the authenticated token on the mobile application must be encrypted

To securely enable Single Sign-On (SSO) in a new mobile application, encrypting the local storage of the authenticated token is crucial. When an application utilizes SSO, it often receives an authentication token after a user successfully logs in. This token is sensitive information that, if compromised, can grant unauthorized access to the user’s account.

By encrypting the authenticated token stored locally, the application ensures that even if an unauthorized party gains access to the device or the local storage, they cannot easily read or misuse the token, thus maintaining the integrity and security of the user's authenticated session. This is a fundamental security measure that helps prevent data breaches and unauthorized access, making it an essential control in the context of implementing SSO in mobile applications.

In contrast, other options such as using a unique passphrase for every session or requiring a VPN may improve security in certain ways, but they do not directly address the secure storage of sensitive authentication tokens within the application itself. Minimum password complexity requirements are also important for initial login security but do not directly relate to the challenges posed by storing authentication tokens securely within a mobile application.

Use of a unique passphrase for every session

Access to the application must require a VPN

Minimum password complexity requirements
