YouTube
shieldCISSP Practice Domain 5 — Identity and Access Management (IAM) Q29 of 120

What is the PRIMARY purpose of a federated identity system?

A CISSP practice question covering Domain 5: Identity and Access Management (IAM). Try answering before reading the explanation below.

Show options & answer
A
Force password complexity across organizations
B
Allow users to authenticate once and access multiple organizations' resources
✓ Correct answer
C
Replace the need for multifactor authentication
D
Centralize all user passwords in one database
Why "Allow users to authenticate once and access multiple organizations' resources" is the right answer

Federation lets identity be vouched for across security domains — the home IdP authenticates, partner SPs trust the assertion. SAML, OIDC, and WS-Federation are common protocols. It does not consolidate password storage; each org keeps its own IdP.

Study videos for this topic

Want to go deeper on Domain 5? Watch the full breakdown — every video is free, no account, no upsell.

CISSP Domain 5: Authentication, MFA & Passkeys
Domain 5 — Identity and Access Management (IAM)
CISSP Domain 5: SSO, SAML, OAuth, OIDC & Kerberos
Domain 5 — Identity and Access Management (IAM)
CISSP Domain 5: DAC, MAC, RBAC, ABAC Explained
Domain 5 — Identity and Access Management (IAM)
CISSP Domain 5: Identity Lifecycle & PAM Explained
Domain 5 — Identity and Access Management (IAM)
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.
Start full test →

Other practice tests

All practice tests CISSP videos Glossary