nerdexam
ExamsCAS-002Questions#97
CompTIA

CAS-002 · Question #97

CAS-002 Question #97: Real Exam Question with Answer & Explanation

The correct answer is C: Identity provider and service provider. The core SAML roles are Identity Provider (IdP) and Service Provider (SP), which together enable federated single sign-on across security domains.

Question

SAML entities can operate in a variety of different roles. Valid SAML roles include which of the following?

Options

  • AAttribute authority and certificate authority
  • BCertificate authority and attribute requestor
  • CIdentity provider and service provider
  • DService provider and administrator

Explanation

The core SAML roles are Identity Provider (IdP) and Service Provider (SP), which together enable federated single sign-on across security domains.

Common mistakes.

  • A. Certificate Authority (CA) is a PKI role, not a SAML role. While SAML uses X.509 certificates, a CA is not a defined SAML entity role in the specification.
  • B. 'Attribute requestor' and 'certificate authority' are not defined SAML entity roles - the SAML specification defines attribute authority separately, and CA is a PKI construct outside SAML's role model.
  • D. 'Administrator' is not a defined SAML entity role - the SAML 2.0 specification defines roles such as identity provider, service provider, and attribute authority, not administrative roles.

Concept tested. SAML 2.0 entity roles - identity provider and service provider

Reference. https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-002 Practice