CISSP Question #1141: Real Exam Question with Answer & Explanation

Sign in or unlock CISSP to reveal the answer and full explanation for question #1141. The question stem and answer options stay visible for context.

Submitted by certguy· Mar 5, 2026Identity and Access Management (IAM)

Question

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leverage against this flaw?

Options

AAttacker forges requests to authenticate as a different user.
BAttacker leverages SAML assertion to register an account on the security domain.
CAttacker conducts denial-of-service (DoS) against the security domain by authenticating as the
DAttacker exchanges authentication and authorization data between security domains.

Unlock CISSP to see the answer

You've previewed enough free CISSP questions. Unlock CISSP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISSP - $49.99 / 30 days Sign in

Topics

#SAML#authentication spoofing#identity federation#cloud security

Full CISSP Practice Browse All CISSP Questions