CompTIA Security+ (SY0-501) — Question 188

An organization is moving its human resources system to a cloud services provider.
The company plans to continue using internal usernames and passwords with the service provider, but the security manager does not want the service provider to have a company of the passwords.
Which of the following options meets all of these requirements?

Answer options

• A. Two-factor authentication
• B. Account and password synchronization
• C. Smartcards with PINS
• D. Federated authentication

Correct answer: D

Explanation

Federated authentication allows the organization to authenticate users without sharing their passwords with the cloud service provider. This method maintains the security of internal credentials while providing access to the external service. The other options either require sharing passwords or do not meet the specified requirement of not allowing the service provider access to the passwords.