101 · Question #517
An administrator needs a data a format that is support authentication against an external security domain. The data format must format support SSO. Which data format should the administrator choose?
The correct answer is C. SAML. SAML (Security Assertion Markup Language) is the correct data format for federating authentication across external security domains and enabling Single Sign-On.
Question
An administrator needs a data a format that is support authentication against an external security domain. The data format must format support SSO. Which data format should the administrator choose?
Options
- AAAA
- BKerberos
- CSAML
- DEAP
How the community answered
(60 responses)- A3% (2)
- B2% (1)
- C95% (57)
Why each option
SAML (Security Assertion Markup Language) is the correct data format for federating authentication across external security domains and enabling Single Sign-On.
AAA (Authentication, Authorization, and Accounting) is a security framework and architectural concept, not a data format, and does not natively support cross-domain SSO.
Kerberos is a network authentication protocol using tickets within a single domain or tightly coupled realms - it is not a data format and is not designed for federated cross-domain SSO in web contexts.
SAML is an XML-based open standard specifically designed to exchange authentication and authorization data between an identity provider (IdP) and a service provider (SP) across different security domains. It natively supports SSO by allowing users to authenticate once at the IdP and access multiple services without re-authenticating, making it the purpose-built format for this use case.
EAP (Extensible Authentication Protocol) is a framework used for network access authentication (e.g., Wi-Fi, 802.1X) and does not provide a data format for cross-domain federated SSO.
Concept tested: SAML for federated SSO across security domains
Source: https://learn.microsoft.com/en-us/azure/active-directory/develop/single-sign-on-saml-protocol
Topics
Community Discussion
No community discussion yet for this question.