CompTIA Security+ (SY0-501) — Question 524
An organization needs to integrate with a third-party cloud application. The organization has 15000 users and does not want to allow the cloud provider to query its LDAP authentication server directly. Which of the following is the BEST way for the organization to integrate with the cloud application?
Answer options
- A. Upload a separate list of users and passwords with a batch import.
- B. Distribute hardware tokens to the users for authentication to the cloud.
- C. Implement SAML with the organization's server acting as the identity provider.
- D. Configure a RADIUS federation between the organization and the cloud provider.
Correct answer: D
Explanation
The correct answer is D because configuring a RADIUS federation allows for secure authentication without exposing the LDAP server directly to the cloud provider. Option A is not secure as it involves direct sharing of user credentials, B does not integrate well with cloud applications, and C, while a viable option, may not provide the same level of security and flexibility as RADIUS in this specific scenario.