nerdexam
(ISC)2

CISSP · Question #1408

A company needs to provide shared access of sensitive data on a cloud storage to external business partners. Which of the following identity models is the BEST to blind identity providers (IdP) and re

The correct answer is B. Proxied federation. Proxied federation is a type of identity federation model that is best suited for providing shared access of sensitive data on a cloud storage to external business partners, while blinding the identity providers and relying parties from each other. In proxied federation, a third-

Submitted by yaw92· Mar 5, 2026Identity and Access Management

Question

A company needs to provide shared access of sensitive data on a cloud storage to external business partners. Which of the following identity models is the BEST to blind identity providers (IdP) and relying parties (RP) so that subscriber lists of other parties are not disclosed?

Options

  • AFederation authorities
  • BProxied federation
  • CStatic registration
  • DDynamic registration

How the community answered

(61 responses)
  • A
    10% (6)
  • B
    82% (50)
  • C
    2% (1)
  • D
    7% (4)

Explanation

Proxied federation is a type of identity federation model that is best suited for providing shared access of sensitive data on a cloud storage to external business partners, while blinding the identity providers and relying parties from each other. In proxied federation, a third-party entity, called the proxy, acts as an intermediary between the identity providers and relying parties, and handles the authentication and authorization requests and responses on their behalf. The proxy does not disclose the subscriber lists of the identity providers or relying parties to each other, and only shares the necessary attributes or claims to enable the access. The proxy also provides a single point of management, auditing, and policy enforcement for the federation.

Topics

#federated identity#proxied federation#identity providers#data privacy

Community Discussion

No community discussion yet for this question.

Full CISSP Practice