CISSP · Question #1219
Which of the following BEST describes centralized identity management?
The correct answer is D. Service providers perform as both the credential and identity provider (IdP).. Centralized identity management means a single authority handles both credential issuance and identity verification, consolidating control in one system rather than distributing it across multiple parties.
Question
Which of the following BEST describes centralized identity management?
Options
- AService providers rely on a trusted third party (TTP) to provide requestors with both credentials
- BService providers agree to integrate identity system recognition across organizational boundaries.
- CService providers identify an entity by behavior analysis versus an identification factor.
- DService providers perform as both the credential and identity provider (IdP).
How the community answered
(56 responses)- A5% (3)
- B2% (1)
- C2% (1)
- D91% (51)
Why each option
Centralized identity management means a single authority handles both credential issuance and identity verification, consolidating control in one system rather than distributing it across multiple parties.
Relying on a trusted third party (TTP) to provide credentials describes a federated or third-party identity model, not centralized management, because trust is delegated externally rather than consolidated in one provider.
Integrating identity system recognition across organizational boundaries describes federated identity management (e.g., SAML or OIDC federation), where multiple organizations agree to trust each other's identity systems rather than centralizing control.
Identifying an entity through behavioral analysis describes a behavioral biometrics or continuous authentication approach, which is an authentication method rather than a model of identity management centralization.
In centralized identity management, the service provider acts as both the credential store and the Identity Provider (IdP), meaning all authentication and identity decisions are managed within a single, unified system. This centralization gives one entity full control over user identities and access credentials without delegating trust to external parties. This contrasts with federated or distributed models where these roles are separated.
Concept tested: Centralized vs. federated identity management models
Source: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/identity-fundamental-concepts
Topics
Community Discussion
No community discussion yet for this question.