CISSP · Question #1122
An organization wants a service provider to authenticate users via the users' organization domain credentials. Which markup language should the organization's security personnel use to support the int
The correct answer is A. Security Assertion Markup Language (SAML). The markup language that the organization's security personnel should use to support the integration of a service provider that authenticates users via the users' organization domain credentials is Security Assertion Markup Language (SAML). SAML is an XML-based standard that enab
Question
An organization wants a service provider to authenticate users via the users' organization domain credentials. Which markup language should the organization's security personnel use to support the integration?
Options
- ASecurity Assertion Markup Language (SAML)
- BYAML Ain't Markup Language (YAML)
- CHypertext Markup Language (HTML)
- DExtensible Markup Language (XML)
How the community answered
(50 responses)- A90% (45)
- B2% (1)
- C4% (2)
- D4% (2)
Explanation
The markup language that the organization's security personnel should use to support the integration of a service provider that authenticates users via the users' organization domain credentials is Security Assertion Markup Language (SAML). SAML is an XML-based standard that enables the exchange of authentication and authorization information between different entities, such as an identity provider (IdP) and a service provider (SP). SAML allows users to access multiple services with a single sign-on (SSO), without the need to create or manage separate accounts or credentials for each service. SAML uses assertions, which are statements that contain information about the user, such as the identity, attributes, or entitlements. The IdP generates and signs the assertions, and the SP validates and consumes the assertions. SAML can be used to implement federated identity management, which is a model that allows users to use their existing credentials from one domain to access resources from another domain.
Topics
Community Discussion
No community discussion yet for this question.