Certified Information Systems Security Professional (CISSP) — Question 172

Which of the following are common components of a Security Assertion Markup Language (SAML) based federation system?

Answer options

• A. Client, Service Provider, identity provider (IdP), Token
• B. Client, Service Provider, Resource Server, Grant
• C. Client, Authorization Server, identity provider (IdP), Claim
• D. Client, Authorization Server, Resource Server, Assertion

Correct answer: A

Explanation

The correct answer, A, includes the essential components of a SAML federation system: the Client, Service Provider, identity provider (IdP), and Token. Options B and C introduce incorrect elements such as Resource Server and Grant, which are not part of the SAML framework. Option D includes Authorization Server and Assertion, which are also not standard components in a SAML implementation.