🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional49 / 124
Question 49 of 124
A financial services company deploys a dozen SaaS applications for its employees and wants to centralize authentication so users log in once with corporate credentials. The security team implements SAML-based federation with the corporate identity provider (IdP) issuing assertions to each SaaS relying party. During a design review, an architect warns that this federation model introduces a specific risk that must be mitigated. Which risk is MOST directly created by this federated SSO design, and what is the appropriate mitigation?
Reviewed for accuracy · Report an issueNext question