Exam SY0-701 topic 1 question 314 discussion

Chat GPT: The correct answer is D. Select an IdP (Identity Provider). The first step in reducing the number of credentials employees must maintain is to select an Identity Provider (IdP). An IdP centralizes authentication and allows users to log in once and gain access to multiple applications, usually through a single sign-on (SSO) mechanism. Once an IdP is in place, other technologies like SAML (Security Assertion Markup Language) or OAuth can be configured to manage authentication with the SaaS applications. A. Enable SAML is a protocol used for authentication, but it requires an IdP to manage authentication. B. Create OAuth tokens is a way to grant limited access to resources but also requires an IdP or similar system to manage identities. C. Use password vaulting is a temporary solution that stores passwords, but it doesn't reduce the need for multiple log-ins, nor does it provide the benefits of centralized identity management.

E.g. the below IdP tools that can access into Microsoft 365 , Zoom, ServiceNow etc: Microsoft Azure AD (now Entra ID) Okta OneLogin Google Cloud Identity Ping Identity Keycloak

I don't see how Identity Provider ties into reducing the number of credentials that a employee would maintain. I would go with password vaulting, because the vault controls who gets access to credentials.

The correct answer is D. Select an IdP (Identity Provider).

D. Select an IdP (Identity Provider) Selecting an IdP is the initial step in implementing Single Sign-On (SSO) or federated identity management, which will allow employees to use a single set of credentials to access multiple SaaS applications. After selecting an IdP, the security team can then enable SAML or other SSO protocols to integrate with the applications and manage authentication.

IdP - Identity Provider