Exam SY0-501 topic 1 question 955 discussion

SAML doesn't provide authentication tho. Isn't this OAuth because it uses tokens

Answer A Everyone experiences this option, for example you need access a website, the website asks you do you prefer access via your facebook account or Google account. Here you are no use password and username to connect to third party website.

oauth still need to key in password. you authenticate against google/facebook. and its authorization protocol

Only possible

A. OAuth Security assertion markup language (SAML) is an authentication process. Head to work in the morning and log into your computer, and you've likely used SAML. Open authorization (OAuth) is an authorization process. Use it to jump from one service to another without tapping in a new username and password. If you're logged into Google and used those credentials for Hootsuite, you've used OAuth.

Key word is the focus is on application or user?? The question. Says employees need to access meaning the focus is on people so it is SAML. But if the focus was on application it would have been ouath Security assertion markup language (SAML) is an authentication process. Head to work in the morning and log into your computer, and you've likely used SAML. Open authorization (OAuth) is an authorization process. Use it to jump from one service to another without tapping in a new username and password. If you're logged into Google and used those credentials for Hootsuite, you've used OAuth. Both applications can be used for web single sign on (SSO), but SAML tends to be specific to a user, while OAuth tends to be specific to an application. The two are not interchangeable, so instead of an outright comparison, we’ll discuss how they work together.

key word "third-party"

Looks like provided answer might be right. SAML has also been used for letting third-party applications authenticate to a host application (e.g., a gaming application that authenticates to a social network in which the game resides). Over the years, several security issues with the SAML protocol have been reported [66, 67]. The specific SAML implementation for Google applications was broken in 2008 As an example of a SAML implementation, Amazon Web Services (AWS) can function as a SAML service provider. This allows companies using AWS to develop cloud applications to manage their customers' user identities and provide them with permissions on AWS without having to create accounts for them on AWS directly. References: 1. https://www.diva-portal.org/smash/get/diva2:921172/FULLTEXT01.pdf 2. COM501B

Answer is SSO

SAML was answer we came to in class professor said that the question changed answers from oauth to saml.

implement secure authentication to third-party websites without users' passwords , only SSO provide authentication, the question does not state both authentication and authorization if it was, the answer will be SAML it provide Authentication and authorization.

In the context of this question, main requirement appears to be "without users' passwords". My research goes with Option A. OAuth since SAML and SSO would require user to add credentials https://www.ubisecure.com/uncategorized/difference-between-saml-and-oauth/

The answer is correct. Only OAuth is not enough, must be Oauth + OpenID Connect (OIDC).

It's NOT OAuth. As per professor Messer notes and his video he states that OAuth is used to give authorization to the resources and it uses OpenID connect that handles the single sign on as an authentication and then OAuth decides what resources should be provided it is basically an authorization.

Same question from 601. It says A though. https://www.examtopics.com/discussions/comptia/view/42808-exam-sy0-601-topic-1-question-51-discussion/

The answer is correct (C), the analyst needs to establish secure authentication, so he needs to send data to a third-party website, So SAML is fine. OAuth is used for a final user can use his credentials in another web or service without sharing all of his identity. IE if a user wants to use his Facebook information to log in to the Local Supermarket. https://en.wikipedia.org/wiki/OAuth

So, OAuth does not deal with Authentication. So, in that case, SAML and SSO are valid options. Source: https://www.ubisecure.com/uncategorized/difference-between-saml-and-oauth/#:~:text=SAML%20(Security%20Assertion%20Mark%2Dup,doesn't%20deal%20with%20authentication.