(ISC)2(ISC)2
CCSP · Question #839
CCSP Question #839: Real Exam Question with Answer & Explanation
The correct answer is D: A standards for exchanging authentication and authorization data between security domains.. This question asks for the best description of SAML (Security Assertion Markup Language).
Submitted by certguy· Apr 18, 2026Cloud Platform & Infrastructure Security
Question
Which of the following best describes SAML?
Options
- AA standard used for directory synchronization
- BA standard for developing secure application management logistics
- CA standard for exchanging usernames and passwords across devices.
- DA standards for exchanging authentication and authorization data between security domains.
Explanation
This question asks for the best description of SAML (Security Assertion Markup Language).
Common mistakes.
- A. SAML is not primarily a standard for directory synchronization; that role is typically filled by protocols like LDAP or SCIM.
- B. SAML is an acronym for Security Assertion Markup Language and is not related to 'secure application management logistics.'
- C. SAML does not directly exchange usernames and passwords; instead, it exchanges assertions about a user's identity and attributes after they have been authenticated by an identity provider.
Concept tested. SAML authentication and authorization data exchange
Reference. https://learn.microsoft.com/en-us/azure/active-directory/develop/single-sign-on-saml-protocol
Topics
#SAML#Federated Identity#Authentication#Authorization
Community Discussion
No community discussion yet for this question.