An organization is moving its human resources system to a cloud services provider. The company
plans to continue using internal usernames and passwords with the service provider, but the
security manager does not want the service provider to have a company of the passwords. Which

of the following options meets all of these requirements?

A.
Two-factor authentication

B.
Account and password synchronization

C.
Smartcards with PINS

D.
Federated authentication