CISSP Exam - Question 471

D. Federated Identity Management. Federated Identity Management systems allow the identities to be used across multiple IT systems or organizations, enabling users to log in once (Single Sign-On) and gain access to all associated systems without being prompted to log in again at each of them. This approach is particularly effective for SSO implementations because it establishes trust between different domains, allowing for the secure sharing of identity information across those domains. Security Assertion Markup Language (SAML) is a protocol used within Federated Identity Management to exchange authentication and authorization data, but Federated Identity Management itself is the broader approach that best facilitates SSO across multiple applications.

No third party access here so SAML is the right answer. B

D is correct. FIM allows organizations to securely share user identity information between different systems and applications without the need for users to manage multiple sets of usernames and passwords.

No external entities mentioned, so SAML

A. The question is asking for "(SSO) on a network, which authentication approach BEST allows users to use credentials across multiple applications". So we're talking about an authentication approach, SAML is a protocol, so that's out. "Public Key Infrastructure (PKI) is a technology for authenticating users and devices " https://www.ssh.com/academy/pki Federated Identity is for connecting across multiple networks, so the only answer is A. https://www.securew2.com/blog/how-digital-certificates-enable-secure-single-sign-on-sso

The answer is D. Federated Identity Management. Federated Identity Management (FIM) is an authentication approach that allows users to use their credentials across multiple applications. FIM works by having a central identity provider (IdP) that authenticates users and then provides tokens to those users that can be used to access other applications.

B is correct

D. Security Assertion Markup Language (SAML): How it works: SAML is an XML-based standard for exchanging authentication and authorization data between parties, typically between an identity provider (IdP) and a service provider (SP). FIM involves the sharing of authentication and authorization across multiple trusted domains or systems.

D. Federated Identity Management A. SAML is an XML-based standard for exchanging authentication and authorization data between parties, typically between an identity provider (IdP) and a service provider (SP). D. FIM involves the sharing of authentication and authorization across multiple trusted domains or systems.

D. Security Assertion Markup Language (SAML): Federated Identity Management, on the other hand, typically applies when SSO needs to work across different organizations or domains. It involves multiple identity providers and service providers working together to enable SSO across organizational boundaries. So, in the context of a single organization's network, SAML is a strong choice for allowing users to use their credentials across multiple applications while maintaining security and convenience.

Answer A) SAML C and D are basically the same, just different scopes. SAML is the approach just like if you were to use OAUTH

Sorry, meant Answer B) SAML

FIM is an approach.. SAML is an implementation of FIM..

I'm going with B, it says across an organization. SSO is within an organisation by using SAML whereas FIM is across multiple organisation according to my knowledge.