(ISC)2


CISSP Question #876: Real Exam Question with Answer & Explanation


Submitted by certguy · Mar 5, 2026 · Identity and Access Management

Question

Single sign-on (SSO) for federated identity management (FIM) must be implemented and managed so that authorization mechanisms protect access to privileged information using OpenID Connect (OIDC) token or Security Assertion Markup Language (SAML) assertion. What is the BEST method to use to protect them?

Options

  • A. Pass data in a bearer assertion, only signed by the identity provider.
  • B. Tokens and assertion should use base64 encoding to assure confidentiality.
  • C. Use a challenge and response mechanism such as Challenge Handshake Authentication
  • D. The access token or assertion should be encrypted to ensure privacy.


Topics

#Federated identity #SSO #SAML #OIDC #Token security #Encryption