CISSP Question #495: Real Exam Question with Answer & Explanation

Question

An organization wants to enable uses to authenticate across multiple security domains. To accomplish this they have decided to use Federated Identity Management (FIM). Which of the following is used behind the scenes in a FIM deployment?

Options

• AStandard Generalized Markup Language (SGML)
• BExtensible Markup Language (XML)
• CSecurity Assertion Markup Language (SAML)
• DTransaction Authority Markup Language (XAML)

Explanation

Security Assertion Markup Language (SAML) is used behind the scenes in a Federated Identity Management (FIM) deployment. FIM is a model of identity management that allows users to authenticate across multiple security domains, such as different organizations, applications, or services, using a single set of credentials. FIM enables interoperability and trust among the security domains, which are also called identity providers (IdPs) and service providers (SPs). SAML is a standard protocol that is used to exchange authentication and authorization information between IdPs and SPs in a FIM deployment. SAML uses XML-based messages, called assertions, to convey the identity, attributes, and entitlements of the users to the SPs, so that the SPs can grant or deny access to the users based on the assertions. SAML also defines the protocols, bindings, and profiles for the communication and exchange of the assertions between IdPs and SPs. SAML can simplify and streamline the user authentication and access management process, as well as enhance the security and privacy of the user data. Standard Generalized Markup Language (SGML), Extensible Markup Language (XML), and Extensible Application Markup Language (XAML) are not used behind the scenes in a FIM deployment, as they are not protocols for identity management, but rather languages for defining or structuring documents or applications.

No community discussion yet for this question.