CompTIA

CAS-001 · Question #5

CAS-001 Question #5: Real Exam Question with Answer & Explanation

The correct answer is A: The browser asks the SP for a resource.

Question

Which of the following is true about an unauthenticated SAMLv2 transaction?

Options

  • A. The browser asks the SP for a resource.
  • B. The browser asks the IdP for a resource.
  • C. The browser asks the IdP to validate the user.
  • D. The browser asks the SP to validate the user.

Explanation

In the SAMLv2 authentication flow, the very first step of an unauthenticated transaction is that the browser (user) requests a resource from the Service Provider (SP) (A). Since the user has no existing session, the SP detects that the user is unauthenticated and redirects the browser to the Identity Provider (IdP) for authentication. The browser does not initiate contact with the IdP directly (B, C, D) - it is redirected there by the SP. This SP-first flow is a core characteristic of SP-initiated SAML SSO. Understanding this sequence is essential: SP receives the request → SP redirects to IdP → user authenticates at IdP → IdP issues SAML assertion → browser posts assertion to SP → SP grants access.
