nerdexam
CSA

CCSK · Question #128

CCSK Question #128: Real Exam Question with Answer & Explanation

The correct answer is D. SAML. SAML is the primary open standard for federated identity in cloud environments, enabling authentication assertions to be exchanged across organizational boundaries.

Question

Prominent recommended standards to enable federation of identity in cloud environments include:

Options

  • AFIDO
  • BKerberos
  • CSSO
  • DSAML
  • EX.509

Explanation

SAML is the primary open standard for federated identity in cloud environments, enabling authentication assertions to be exchanged across organizational boundaries.

Common mistakes.

  • A. FIDO is a standard for passwordless and multi-factor authentication at the device level, not for federating identity assertions between separate organizational domains.
  • B. Kerberos is a ticket-based network authentication protocol designed for use within a single Kerberos realm or trusted domain and does not natively support cross-domain cloud federation.
  • C. SSO is a user experience outcome and architectural goal, not a protocol or standard - it describes what federation achieves rather than the mechanism used to achieve it.
  • E. X.509 defines the format for public key certificates used in PKI and TLS, but it is not a federation protocol and does not handle the exchange of identity assertions between providers.

Concept tested. Identity federation standards using SAML in cloud

Reference. https://learn.microsoft.com/en-us/entra/architecture/auth-saml

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCSK Practice