Valid CISSP Dumps shared by EduDump.com for Helping Passing CISSP Exam! EduDump.com now offer the newest CISSP exam dumps, the EduDump.com CISSP exam questions have been updated and answers have been corrected get the newest EduDump.com CISSP dumps with Test Engine here:
A security professional has been assigned to assess a web application. The assessment report recommends switching to Security Assertion Markup Language (SAML). What is the PRIMARY security benefit in switching to SAML?
Correct Answer: C
SAML is an XML-based standard for exchanging authentication and authorization data between different parties, such as a service provider and an identity provider. SAML enables single sign-on (SSO) for web applications, which means that users can access multiple services with one set of credentials. SAML also improves security by not passing the users' password during authentication, but instead using assertions that contain information about the user's identity and attributes. SAML assertions are digitally signed and encrypted to ensure their integrity and confidentiality. SAML does not use TLS to address confidentiality, although it can be used as an additional layer of protection. SAML does not limit unnecessary data entry on web forms, although it can reduce the need for users to enter their credentials repeatedly. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 5: Identity and Access Management, page 291. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 5: Identity and Access Management (IAM), page 609.