Oracle Identity and Access Management Suite 11g Essentials — Question 4

Which of the following statements are true about the XACML standard and architecture?

Answer options

• A. The Policy Enforcement Point (PEP) is where permit / deny access decisions are made.
• B. The Policy Information Point (PIP) provides information such as user attributes or environmental data that may be used to make access control decisions.
• C. XACML defines an XML schema used to represent rules for access control.
• D. XACML defines a TCP protocol used to communicate messages between Policy Enforcement Points.
• E. SAML assertions can be used to carry XACML authorization decisions.

Correct answer: A, B, C, E

Explanation

The correct answers A, B, C, and E accurately describe key components and functionalities of the XACML standard. Option D is incorrect as XACML does not define a TCP protocol; it uses HTTP for communication instead.