CompTIA
CV0-003 · Question #487
CV0-003 Question #487: Real Exam Question with Answer & Explanation
The correct answer is A: add Company B's user account management system to the federated identity system. Federated identity allows Company B's existing identity provider to be trusted by Company A's systems, enabling access without creating duplicate accounts.
Security
Question
Company A recently acquired Company B. A cloud administrator needs to give access to the accounting and time-reporting systems for Company B's employees. Company A's employees use a single account to access both systems. To give access to Company B's employees, the cloud administrator should:
Options
- Aadd Company B's user account management system to the federated identity system
- Bcreate a new account in each system for Company B's employees and distribute the credentials
- Ccreate a shared account named "Company B" and distribute the credentials to those who need
- Dadd new accounts in Company A's account management system, mirroring those in Company B's
Explanation
Federated identity allows Company B's existing identity provider to be trusted by Company A's systems, enabling access without creating duplicate accounts.
Common mistakes.
- B. Creating new accounts in each system defeats the purpose of federated identity and introduces unmanageable credential sprawl requiring ongoing manual synchronization.
- C. A shared account eliminates individual accountability, violates the principle of least privilege, and is a security anti-pattern that auditors would flag.
- D. Mirroring accounts in Company A's system creates duplicate identity management overhead and requires ongoing manual updates whenever Company B adds, changes, or removes users.
Concept tested. Federated identity for cross-organization SSO access
Reference. https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/whatis-fed
Topics
#federated identity#SSO#identity management#access control
Community Discussion
No community discussion yet for this question.