CISSP Practice Question – Identity & Access Management (Federation and Trust Boundaries)
A global enterprise has implemented federated identity management using SAML between its internal Active Directory domain and multiple cloud SaaS providers. During testing, a partner organization asks to use the same SAML assertions from the enterprise’s identity provider (IdP) to access shared applications hosted in the partner’s environment.
Which of the following must the enterprise ensure FIRST before extending this trust?
A. The partner’s service provider (SP) certificate is issued by the same certificate authority (CA) as the enterprise’s IdP.
B. The partner’s SP enforces attribute-based access control (ABAC) using SAML attributes.
C. A formal trust agreement defines assertion validity, encryption standards, and identity-proofing responsibilities between both organizations.
D. The enterprise IdP is configured to issue assertions with short lifetimes (e.g., < 5 minutes) to limit misuse.
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group