Certified Information Systems Security Professional (CISSP) — Question 358
A security professional has been assigned to assess a web application. The assessment report recommends switching to Security Assertion Markup Language (SAML). What is the PRIMARY security benefit in switching to SAML?
Answer options
- A. It enables single sign-on (SSO) for web applications.
- B. It uses Transport Layer Security (TLS) to address confidentiality.
- C. It limits unnecessary data entry on web forms.
- D. The users' password is not passed during authentication.
Correct answer: D
Explanation
The primary security advantage of SAML is that the web application authenticates the user without the user's password being transmitted to it: the identity provider issues an assertion that the application trusts instead. This reduces the risk of password interception. While single sign-on (SSO) is beneficial, the key security benefit here is that the password is not exposed. The other options, TLS and reduced data entry, do not directly address the main security concern of password exposure.