Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. All partner businesses use common identity and access management (IAM) protocols and differing technologies. Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action?
Clothing retailer acts as an identity provider (IdP), confirms the identity of the user using industry standards, then sends credentials to partner businesses that act as Service Providers. These Service Providers allow access to their services or resources. This flow aligns with the Extended Identity principle, which enables seamless access across different organizations by leveraging common IAM protocols.
Agree with "B" - "Employees are provisioned with user accounts" sounds like the clothing retailer is an IdP. Also from crowdstrike: Identity and access management (IAM) is a framework that allows the IT team to control access to systems, networks and assets based on each user’s identity. IAM consists of two main components: 1. Identity management: Verifies the identity of the user based on existing information in an identity management database. 2. Access management: Uses the requestor’s identity to confirm their access rights to different systems, applications, data, devices and other resources. An IAM tool’s core functions are to: Assign a single digital identity to each user Authenticate the user Authorize appropriate access to relevant resources Monitor and manage identities to align with changes within the organization https://www.crowdstrike.com/cybersecurity-101/identity-access-management-iam/
B is correct
B. Clothing retailer acts as identity provider (IdP), confirms identity of user using industry standards, then sends credentials to partner businesses that act as a Service Provider and allows access to services. The Extended Identity principle is a concept that is used to enable access to resources across partner businesses with different IAM technologies. In this scenario, the clothing retailer acts as an identity provider (IdP), which confirms the identity of the user using industry standards such as SAML, OAuth, or OpenID Connect. The IdP then sends the user's credentials to partner businesses that act as a Service Provider (SP) and allow access to resources. By using a common IAM protocol, such as SAML, OAuth, or OpenID Connect, the partner businesses can trust the clothing retailer's authentication of the user's identity and grant access to the requested resources. This allows the clothing retailer's employees to access resources at partner businesses without having to maintain separate user accounts for each partner business.
Good day friends, I'm currently preparing for CISSP exam and I need your support. Could anyone please send me the PDF of the questions bank and any other resources that will help me pass this exam. You can send it to my email <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d1a1a3beb7b3a4a3a2b0a3a891b6bcb0b8bdffb2bebc">[email protected]</a> Thank you
The SAML 2.0 specification utilizes three entities: the principal, the service provider, and the identity provider
Clothing retailer provide the identity
https://www.youtube.com/watch?v=TblIey-a5-Q
The key here is that the clothing provider is providing resources. " that provide access to resources at partner businesses" A Service Provider is an application or service that users want to access, while an Identity Provider authenticates those users and validates their identities. The SP trusts the IdP to securely handle logins. There for the Retailer "Provides" resources becoming the "Service Provider"