Certified Information Systems Security Professional (CISSP) — Question 303
A company needs to provide employee access to travel services, which are hosted by a third-party service provider. Employee experience is important, and when users are already authenticated, access to the travel portal is seamless. Which of the following methods is used to share information and grant user access to the travel portal?
Answer options
- A. Single sign-on (SSO) access
- B. Security Assertion Markup Language (SAML) access
- C. Open Authorization (OAuth) access
- D. Federated access
Correct answer: D
Explanation
The correct answer is D, Federated access, as it allows for seamless access across different domains and systems without requiring multiple logins. Single sign-on (SSO) is similar but typically operates within a single organization. SAML and OAuth are protocols used for authentication and authorization but do not directly address the seamless access across different platforms that federated access provides.