Exam SY0-501 topic 1 question 957 discussion

Actual exam question from CompTIA's SY0-501
Question #: 957
Topic #: 1

A security engineer at a manufacturing company is implementing a third-party cloud application. Rather than creating users manually in the application, the engineer decides to use the SAML protocol. Which of the following is being used for this implementation?

  • A. The manufacturing company is the service provider, and the cloud company is the identity provider.
  • B. The manufacturing company is the authorization provider, and the cloud company is the service provider.
  • C. The manufacturing company is the identity provider, and the cloud company is the OAuth provider.
  • D. The manufacturing company is the identity provider, and the cloud company is the service provider.
  • E. The manufacturing company is the service provider, and the cloud company is the authorization provider.
Suggested Answer: A

Comments

Abdoucne
Highly Voted 4 years, 5 months ago
Correct answer D. The manufacturing company is the identity provider, and the cloud company is the service provider.
upvoted 28 times
...
b4ssey
Highly Voted 4 years, 5 months ago
You would find the solutions to your problem in objective 4.2. For example, you want to create an account with Instagram, and there is an option to register using your Google or Yahoo account. Instagram then takes your identity details from your Gmail/Ymail and uses them in your Instagram account. Instagram == Manufacturing company == Service providers; G/Ymail == Cloud services == Identity providers
upvoted 8 times
Heymannicerouter
4 years ago
Uh no, the manufacturing company is using a cloud app, so the cloud vendor is the service provider; therefore the identity provider is the manufacturing company.
upvoted 1 times
...
...
Brittle
Most Recent 3 years, 11 months ago
Confusion. All the explanations seem right. But my heart is telling me D
upvoted 2 times
troxel
3 years, 10 months ago
It has to be D ... "implementing a third-party cloud application". The application is in the cloud. Poorly worded question, no less. CompTIA needs some competition.
upvoted 2 times
...
...
zadams16
4 years, 2 months ago
This has to be D. Think about it like this. I log into my school's portal, which can then give me access to email, which uses Gmail. They don't have to create me as a user on the portal and the email provider. They just create my profile on the Temple portal (identity provider) and pass the credentials over via SAML, which then gives me access to the service, which is Gmail.
upvoted 3 times
...
Ashchamp
4 years, 3 months ago
A service provider (cloud app) needs the authentication from the identity provider (manufacturing company) to grant authorization to the user. An identity provider performs the authentication that the end user is who they say they are and sends that data to the service provider along with the user's access rights for the service.
upvoted 3 times
...
MikeDuB
4 years, 5 months ago
Based off this video: https://www.youtube.com/watch?v=gUmMcecHN9s I'd have to go with D
upvoted 2 times
certpro
4 years, 4 months ago
According to this video, manufacturing company = service provider, as it is implementing the cloud application, just like Salesforce is a cloud application, so the given answer is correct: A
upvoted 6 times
ma66_726526
4 years, 4 months ago
I too would go for D. @certpro this article might make things clear https://help.salesforce.com/articleView?id=sso_saml_setting_up.htm&type=5 "When you configure Salesforce as the service provider using SAML, authenticated users can flow from an external identity provider into Salesforce" Here, Salesforce is the third-party cloud app.
upvoted 3 times
certpro
4 years, 4 months ago
Makes sense, thanks
upvoted 2 times
...
...
...
...
Kalich
4 years, 5 months ago
According to a Security book, SAML is used to exchange authentication and authorization information between identity providers and service providers.
upvoted 2 times
...
Abdoucne
4 years, 5 months ago
Changed my mind, the question is tricky. ..."Rather than creating users manually in the application" So correct answer will be A
upvoted 4 times
...
dgse
4 years, 6 months ago
If I understand the question well, the engineer is deploying an application at a cloud provider and is using SAML to authenticate the users against the manufacturing company's AD or LDAP server. In this case, the manufacturing company is the IdP and the cloud company is the SP.
upvoted 7 times
who__cares123456789___
4 years, 4 months ago
A is correct if you believe Professor Messer!! https://www.youtube.com/watch?v=tjYJNDbI6wk
upvoted 1 times
who__cares123456789___
4 years, 4 months ago
The "service provider" is the entity that owns/has the service you need access to, like a proprietary application or a web server. The "identity provider" is the 3rd party that has the "authorization server" which contains the credentials. You ask for a resource from the "serv prov", they send you a request form (actually a signed redirect), which you then send on to the "id prov"... the id provider has you enter credentials and, if authorized, you get a token (digitally signed by the id provider) that you then hand off to the service provider and you are allowed access!!! Argue with it if you want, IDC... A is correct. Sorry bout your luck!!
upvoted 1 times
Lumeya
4 years, 4 months ago
The cloud company has the authentication information. In SAML, this company is referred to as the Identity Provider because it contains the identities and login credentials.
upvoted 1 times
...
Heymannicerouter
4 years ago
They're using a cloud app, therefore the cloud vendor is the service provider.
upvoted 2 times
...
...
Lumeya
4 years, 4 months ago
I believe Professor Messer! It's A.
upvoted 1 times
Freddie26
4 years ago
You've misunderstood him. The IdP in this case is the manufacturing company. It's their AD DB that is being used to authenticate users. The "Service Provider" is the Cloud App. A user from the manufacturing company won't need to log in with another username and password. When they connect to the app, a request is forwarded over to the Identity Provider.
upvoted 2 times
...
...
bobthebuilder55110
4 years, 3 months ago
Well, look at it this way. For example, you are that engineer who is implementing a third-party cloud application (for example, something like a dashboarding tool created by abc company). You implement it in your organization, and you want your employees to access it using federation and not create a separate username and password. Now who is providing the service? That abc company is the service provider. You implement it, but where is the service provided from? From the abc company. Now look at option A, "the cloud company is the identity provider". NO, THAT'S NOT RIGHT, we are using federation to get into the cloud application, we do not have any username or password to get into the cloud application. So the cloud company can be the service provider and it can also be the authorization provider because we want to get into the cloud application and that application will be the one to authorize us to get inside, so I think the answer is D, since we might use the company username and password (identity provider) to get into the cloud application.
upvoted 1 times
...
...
...
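The SP-initiated exchange several commenters describe (request from the service provider, login at the identity provider, signed token handed back), modelled with the role split dgse and Freddie26 give. This is an added example, not part of the original thread; all names, URLs and keys are hypothetical, and an HMAC over a shared demo key stands in for the XML-DSig signature real SAML uses.

```python
import hashlib, hmac, secrets, time

# Constructed sample data; every name, URL and key here is hypothetical.
IDP = "https://idp.manufacturing.example"  # manufacturing company = identity provider
SP = "https://app.cloudvendor.example"     # cloud application = service provider
KEY = b"constructed-demo-key"  # HMAC stand-in for the IdP's XML-DSig signing key
FIELDS = ("issuer", "audience", "in_response_to", "subject", "not_on_or_after")

def _kdf(pw):
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), b"constructed-salt", 100_000).hex()

def _sign(values):
    return hmac.new(KEY, "|".join(values).encode(), hashlib.sha256).hexdigest()

class IdentityProvider:
    """Owns the user directory; the only party that ever checks a password."""
    def __init__(self):
        self._directory = {"alice": _kdf("correct horse")}

    def login(self, request, user, password, now=None):
        if not hmac.compare_digest(self._directory.get(user, ""), _kdf(password)):
            return None
        expiry = int(time.time() if now is None else now) + 300
        values = [IDP, request["issuer"], request["id"], user, str(expiry)]
        return dict(zip(FIELDS, values), signature=_sign(values))

class ServiceProvider:
    """Stores no credentials; accepts only valid assertions from its configured IdP."""
    def __init__(self):
        self._pending = set()

    def start_sso(self):
        request = {"id": "_" + secrets.token_hex(8), "issuer": SP}
        self._pending.add(request["id"])  # remembered to match InResponseTo later
        return request

    def consume(self, a, now=None):
        now = time.time() if now is None else now
        if a is None or not hmac.compare_digest(_sign([a[f] for f in FIELDS]), a["signature"]):
            return "rejected: missing or badly signed assertion"
        if a["issuer"] != IDP or a["audience"] != SP:
            return "rejected: wrong issuer or audience"
        if a["in_response_to"] not in self._pending:
            return "rejected: unsolicited or replayed"
        if now >= int(a["not_on_or_after"]):
            return "rejected: expired"
        self._pending.discard(a["in_response_to"])
        return "session for " + a["subject"]
```

The service provider never sees the password: it only checks the assertion's signature, issuer, audience, request binding and expiry before creating a session.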
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted