CISSP Exam QuestionsBrowse all questions from this exam

CISSP Exam - Question 471


When implementing single sign-on (SSO) on a network, which authentication approach BEST allows users to use credentials across multiple applications?

Show Answer
Correct Answer: D

Federated Identity Management is the best authentication approach that enables users to use their credentials across multiple applications. It involves the sharing of authentication and authorization data across multiple trusted domains or systems, allowing users to log in once and access various applications without needing to authenticate again. While Security Assertion Markup Language (SAML) is a protocol used within Federated Identity Management to exchange authentication and authorization data, Federated Identity Management itself is the broader and more comprehensive approach for implementing single sign-on (SSO) across multiple applications.

Discussion

14 comments
Sign in to comment
Delab202Option: D
Feb 11, 2024

D. Federated Identity Management. Federated Identity Management systems allow the identities to be used across multiple IT systems or organizations, enabling users to log in once (Single Sign-On) and gain access to all associated systems without being prompted to log in again at each of them. This approach is particularly effective for SSO implementations because it establishes trust between different domains, allowing for the secure sharing of identity information across those domains. Security Assertion Markup Language (SAML) is a protocol used within Federated Identity Management to exchange authentication and authorization data, but Federated Identity Management itself is the broader approach that best facilitates SSO across multiple applications.

Big_CatOption: B
Aug 3, 2023

No third party access here so SAML is the right answer. B

RollingalxOption: D
Mar 2, 2023

D is correct. FIM allows organizations to securely share user identity information between different systems and applications without the need for users to manage multiple sets of usernames and passwords.

DD2020
Mar 5, 2023

B is correct. Question says "on a network" but does not mention external applications, which would be FIM.

Rollingalx
Mar 26, 2023

I rectify, yes B is correct.

aleXplicitlyOption: B
Apr 14, 2023

No external entities mentioned, so SAML

jackdryan
May 14, 2023

B is correct

HughJassoleOption: A
Jun 14, 2023

A. The question is asking for "(SSO) on a network, which authentication approach BEST allows users to use credentials across multiple applications". So we're talking about an authentication approach, SAML is a protocol, so that's out. "Public Key Infrastructure (PKI) is a technology for authenticating users and devices " https://www.ssh.com/academy/pki Federated Identity is for connecting across multiple networks, so the only answer is A. https://www.securew2.com/blog/how-digital-certificates-enable-secure-single-sign-on-sso

samir45Option: D
Jun 21, 2023

The answer is D. Federated Identity Management. Federated Identity Management (FIM) is an authentication approach that allows users to use their credentials across multiple applications. FIM works by having a central identity provider (IdP) that authenticates users and then provides tokens to those users that can be used to access other applications.

printfmarceloOption: B
Aug 29, 2023

B is correct

Wz21Option: D
Nov 10, 2023

D. Security Assertion Markup Language (SAML): How it works: SAML is an XML-based standard for exchanging authentication and authorization data between parties, typically between an identity provider (IdP) and a service provider (SP). FIM involves the sharing of authentication and authorization across multiple trusted domains or systems.

Wz21Option: D
Nov 10, 2023

D. Federated Identity Management A. SAML is an XML-based standard for exchanging authentication and authorization data between parties, typically between an identity provider (IdP) and a service provider (SP). D. FIM involves the sharing of authentication and authorization across multiple trusted domains or systems.

SoleandheelOption: B
Dec 24, 2023

D. Security Assertion Markup Language (SAML): Federated Identity Management, on the other hand, typically applies when SSO needs to work across different organizations or domains. It involves multiple identity providers and service providers working together to enable SSO across organizational boundaries. So, in the context of a single organization's network, SAML is a strong choice for allowing users to use their credentials across multiple applications while maintaining security and convenience.

YesPleaseOption: A
Dec 28, 2023

Answer A) SAML C and D are basically the same, just different scopes. SAML is the approach just like if you were to use OAUTH

YesPleaseOption: B
Dec 28, 2023

Sorry, meant Answer B) SAML

dm808Option: D
Mar 29, 2024

FIM is an approach.. SAML is an implementation of FIM..

safriOption: B
Jun 10, 2024

I'm going with B, it says across an organization. SSO is within an organisation by using SAML whereas FIM is across multiple organisation according to my knowledge.