PrepAway - Latest Free Exam Questions & Answers

which of the following will occur when users try to aut…

A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication.
In this scenario, which of the following will occur when users try to authenticate to the portal? (Select two.)


A.
The portal will function as a service provider and request an authentication assertion.

B.
The portal will function as an identity provider and issue an authentication assertion.

C.
The portal will request an authentication ticket from each network that is transitively trusted.

D.
The back-end networks will function as an identity provider and issue an authentication assertion.

E.
The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store.

F.
The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.


9 Comments on “which of the following will occur when users try to aut…

  1. blabla says:

    I think A & D are correct.

    User is the “principal”
    Portal is the “service provider” (NOT the Identity Provider).
    The back-end networks each have their own identity providers, so the back-end networks will receive the SAML Request (AuthnRequest) and will return the SAML Assertion (SAMLResponse).




  2. blabla says:

    I think A and B are correct.

    A – service provider initiated
    SP creates Authentication Request and redirects the user to the IdP.

    B – IdP initiated
    The IdP creates a SAML response (authentication assertion) and then sends it to the service provider.




  3. The Security Assertion Markup Language (SAML) provides a format for a client and
    server to exchange authentication and authorization data securely. SAML defines three
    roles for making this happen: principal, identity provider, and service provider. The client
    or user is often the principal. The principal wants something from the service provider
    (SP), the latter often a Web service of some kind. The identity provider (IdP) contains
    information that can assure the SP that the principal is legitimately who he says he
    is. Systems using SAML can use any number of methods for authentication, including
    passwords and user names.




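The SP-initiated exchange discussed in the comments above, as an added example that is not part of the original page or of any commenter's post: the portal acts as service provider and requests an assertion, a division's identity provider issues it, and the portal checks issuer, signature, request binding and audience before accepting it. The entity IDs and user names are constructed, the XML is simplified (no namespaces), and an HMAC stands in for the XML-DSig signature real SAML uses.

```python
import hashlib, hmac, secrets
import xml.etree.ElementTree as ET

SP_ENTITY = "https://portal.example/sp"  # assumed entity ID for the portal
# Constructed trust table: one IdP per division. The HMAC keys are a stand-in
# for the IdP signing certificates that real SAML verifies with XML-DSig.
TRUSTED_IDPS = {f"https://idp.div{n}.example": secrets.token_bytes(32) for n in (1, 2, 3)}

def sp_build_authn_request():
    """Portal (SP): build the AuthnRequest that is sent to the user's IdP."""
    req = ET.Element("AuthnRequest", ID="_" + secrets.token_hex(8))
    ET.SubElement(req, "Issuer").text = SP_ENTITY
    return req

def _mac(key, resp):
    fields = [resp.get("InResponseTo"), resp.findtext("Issuer"),
              resp.findtext("Assertion/Subject/NameID"),
              resp.findtext("Assertion/Conditions/Audience")]
    return hmac.new(key, "|".join(f or "" for f in fields).encode(), hashlib.sha256).hexdigest()

def idp_issue_response(idp, key, request, user):
    """Division IdP: after authenticating the user locally, issue the assertion."""
    resp = ET.Element("Response", InResponseTo=request.get("ID"))
    ET.SubElement(resp, "Issuer").text = idp
    assertion = ET.SubElement(resp, "Assertion")
    ET.SubElement(ET.SubElement(assertion, "Subject"), "NameID").text = user
    ET.SubElement(ET.SubElement(assertion, "Conditions"), "Audience").text = request.findtext("Issuer")
    ET.SubElement(resp, "Signature").text = _mac(key, resp)
    return resp

def sp_validate(resp, pending_ids):
    """Portal (SP): return the NameID only if every check on the response passes."""
    key = TRUSTED_IDPS.get(resp.findtext("Issuer"))
    if key is None:
        raise ValueError("issuer is not a trusted IdP")
    sig = resp.findtext("Signature") or ""
    if not hmac.compare_digest(sig.encode(), _mac(key, resp).encode()):
        raise ValueError("bad signature")
    if resp.get("InResponseTo") not in pending_ids:
        raise ValueError("unsolicited or replayed response")
    if resp.findtext("Assertion/Conditions/Audience") != SP_ENTITY:
        raise ValueError("assertion issued for a different service provider")
    pending_ids.discard(resp.get("InResponseTo"))  # one-time use
    return resp.findtext("Assertion/Subject/NameID")

if __name__ == "__main__":
    req = sp_build_authn_request()
    idp, key = next(iter(TRUSTED_IDPS.items()))
    print(sp_validate(idp_issue_response(idp, key, req, "alice"), {req.get("ID")}))
```

This sketch models only the SP-initiated flow, so a response that does not answer a pending AuthnRequest is rejected.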
