nerdexam
CompTIA

CV0-003 · Question #869

A systems administrator needs to integrate authentication with a partner so the employees of two companies can access the environment with control and management. Which of the following configuration

The correct answer is B. Federation Services. Federation Services establishes a cross-organizational trust relationship so that employees from two separate companies can authenticate using their own identity provider to access a shared environment.

Security

Question

A systems administrator needs to integrate authentication with a partner so the employees of two companies can access the environment with control and management. Which of the following configuration types should the administrator execute in the authentication system?

Options

  • ASingle sign-on
  • BFederation Services
  • CMultifactor authentication
  • DKey management

How the community answered

(66 responses)
  • A
    5% (3)
  • B
    86% (57)
  • C
    2% (1)
  • D
    8% (5)

Why each option

Federation Services establishes a cross-organizational trust relationship so that employees from two separate companies can authenticate using their own identity provider to access a shared environment.

ASingle sign-on

Single sign-on allows a user to authenticate once and access multiple applications, but it does not establish the inter-organizational identity trust needed between two separate companies.

BFederation ServicesCorrect

Federation Services - such as Active Directory Federation Services (ADFS) or SAML 2.0 federation - creates a trust between two identity providers belonging to different organizations, allowing each company's users to present their home-organization credentials and receive access tokens valid in the partner environment. This is the correct solution because it enables controlled, managed cross-organizational authentication without requiring duplicate accounts. The administrator configures a relying-party trust and claims rules to govern exactly what access is granted.

CMultifactor authentication

Multifactor authentication adds a second verification factor to logins but does not create a trust relationship or enable cross-organizational identity federation.

DKey management

Key management covers the lifecycle of cryptographic keys and certificates and does not address the authentication trust or identity federation between two organizations.

Concept tested: Cross-organizational identity federation with Federation Services

Source: https://learn.microsoft.com/en-us/windows-server/identity/active-directory-federation-services

Topics

#federation services#identity management#cross-organization auth#SSO

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice