nerdexam
(ISC)2

CISSP · Question #576

Which of the following BEST describes how access to a system is granted to federated user accounts?

The correct answer is B. Based on defined criteria by the Relying Party (RP). The access to a system is granted to federated user accounts based on defined criteria by the Relying Party (RP). A federated user account is a user account that is managed by an external entity, such as an Identity Provider (IdP), and that can be used to access multiple systems

Submitted by jordan8· Mar 5, 2026Identity and Access Management

Question

Which of the following BEST describes how access to a system is granted to federated user accounts?

Options

  • AWith the federation assurance level
  • BBased on defined criteria by the Relying Party (RP)
  • CBased on defined criteria by the Identity Provider (IdP)
  • DWith the identity assurance level

How the community answered

(39 responses)
  • B
    95% (37)
  • C
    3% (1)
  • D
    3% (1)

Explanation

The access to a system is granted to federated user accounts based on defined criteria by the Relying Party (RP). A federated user account is a user account that is managed by an external entity, such as an Identity Provider (IdP), and that can be used to access multiple systems or services across different domains, such as a Relying Party (RP). A federated user account can provide a seamless and secure user experience, as it eliminates the need for the user to create and maintain multiple user accounts and passwords for different systems or services. A federated user account can also enhance the privacy and the protection of the user's identity and data, as it reduces the amount of information that is shared between the IdP and the RP. The access to a system is granted to federated user accounts based on defined criteria by the RP, which is the system or the service that relies on the IdP to authenticate and authorize the user. The RP can define the criteria for granting access to federated user accounts, such as the level of assurance, the attributes, the roles, or the permissions that are required for the user to access the system or the service. The RP can also verify the criteria for granting access to federated user accounts, such as by validating the digital signature, the certificate, or the token that is issued by the IdP to

Topics

#Federated identity#Relying Party#Identity Provider#Access granting

Community Discussion

No community discussion yet for this question.

Full CISSP Practice