CISSP Question #1219: Real Exam Question with Answer & Explanation

Question

Which of the following BEST describes centralized identity management?

Options

• AService providers rely on a trusted third party (TTP) to provide requestors with both credentials
• BService providers agree to integrate identity system recognition across organizational boundaries.
• CService providers identify an entity by behavior analysis versus an identification factor.
• DService providers perform as both the credential and identity provider (IdP).

Explanation

Centralized identity management means a single authority handles both credential issuance and identity verification, consolidating control in one system rather than distributing it across multiple parties.

Common mistakes.

• A. Relying on a trusted third party (TTP) to provide credentials describes a federated or third-party identity model, not centralized management, because trust is delegated externally rather than consolidated in one provider.
• B. Integrating identity system recognition across organizational boundaries describes federated identity management (e.g., SAML or OIDC federation), where multiple organizations agree to trust each other's identity systems rather than centralizing control.
• C. Identifying an entity through behavioral analysis describes a behavioral biometrics or continuous authentication approach, which is an authentication method rather than a model of identity management centralization.

Concept tested. Centralized vs. federated identity management models

Reference. https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/identity-fundamental-concepts

No community discussion yet for this question.