CAS-001 · Question #340
CAS-001 Question #340: Real Exam Question with Answer & Explanation
The correct answer is A: XACML. XACML (eXtensible Access Control Markup Language) is an OASIS standard specifically and exclusively designed for expressing and evaluating access control policies. It defines a policy language and a request/response protocol for making access control decisions (permit or deny). I
Question
Options
- AXACML
- BKerberos
- CSPML
- DSAML
Explanation
XACML (eXtensible Access Control Markup Language) is an OASIS standard specifically and exclusively designed for expressing and evaluating access control policies. It defines a policy language and a request/response protocol for making access control decisions (permit or deny). It does nothing else. In contrast: Kerberos handles authentication (and implicitly some authorization), SPML handles identity provisioning (account creation/management), and SAML handles both authentication assertions and authorization decisions across federated systems. Because XACML's sole purpose is access control policy evaluation, it is the only protocol in the list that exclusively facilitates access control.
Community Discussion
No community discussion yet for this question.