Free ISC2 CCSP Actual Exam Questions - Question 6 Discussion
information can be accessed--and to a certain extent, through what means.
Which of thefollowingis NOTsomething that firewalls are concernedwith?
C imo, because the user’s organization vouches for their identity directly.
It’s D because federated identity often means using a third-party system like an identity provider separate from your home org or the app itself to handle authentication securely.
C. It’s usually the user’s home organization that handles authentication, not the cloud provider or the app itself. The third-party option is more like a middleman, but the key is the identity origin.
I’m thinking it’s not B because the app usually trusts another source for authentication. C sounds right if you consider the home org as that trusted source, but can’t it also be D depending on the federation? Could C and D both be valid?
Maybe D? The question’s a bit confusing since both C and D could kinda fit depending on the setup, but normally with federated identity, the user authenticates through a third-party system that all apps trust. What did everyone else go with?