nerdexam
(ISC)2

CISSP · Question #534

When using Security Assertion markup language (SAML), it is assumed that the principal subject

The correct answer is D. enrolls with at least one identity provider.. When using Security Assertion Markup Language (SAML), it is assumed that the principal subject enrolls with at least one identity provider. The principal subject is the entity that requests access to a resource or service, such as a user, device, or application. The identity prov

Submitted by saadiq_pk· Mar 5, 2026Identity and Access Management

Question

When using Security Assertion markup language (SAML), it is assumed that the principal subject

Options

  • Aaccepts persistent cookies from the system.
  • Ballows Secure Sockets Layer (SSL) for data exchanges.
  • Cis on a system that supports remote authorization.
  • Denrolls with at least one identity provider.

How the community answered

(24 responses)
  • B
    4% (1)
  • C
    4% (1)
  • D
    92% (22)

Explanation

When using Security Assertion Markup Language (SAML), it is assumed that the principal subject enrolls with at least one identity provider. The principal subject is the entity that requests access to a resource or service, such as a user, device, or application. The identity provider is the entity that authenticates and asserts the identity and attributes of the principal subject, such as a directory service, a certificate authority, or a social media platform. The principal subject must enroll with the identity provider and obtain a credential, such as a username, password, token, or certificate, that can be used to prove its identity and authorization.

Topics

#SAML#identity provider#federated identity#SSO

Community Discussion

No community discussion yet for this question.

Full CISSP Practice