Exam CISSP topic 1 question 106 discussion

The core thing of Federate is Trust among themselves.

We're talking about already established federation and ask is what defines FIM

Answer D) Federated identity management is a configuration that can be made between two or more trusted domains to allow consumers of those domains to access applications and services using the same digital identity https://www.loginradius.com/blog/identity/federated-identity-providers/

Federated identity management, also known as federated SSO, refers to the establishment of a trusted relationship between separate organizations and third parties, such as application vendors or partners, allowing them to share identities and authenticate users across domains.

in Federated Identity Management (FIM), the concept of federation involves the collection, maintenance, and deactivation of user objects and attributes in one or more systems, directories, or applications. A. Collection, maintenance, and deactivation of user objects and attributes in one or more systems, directories, or applications represents the concept of federation in FIM. It involves establishing trust relationships and mechanisms for securely exchanging user identity information across different systems or applications.

A appears to be correct since this has to do with Identity, aka users: Federated identity allows authorized users to access multiple applications and domains using a single set of credentials. https://www.onelogin.com/learn/federated-identity

D. Collection of domains that have established trust among themselves represents the concept of federation in Federated Identity Management (FIM). In FIM, federation is the process of connecting multiple domains or systems together, so that they can share and trust each other's identities. This enables users to access different systems and applications using a single set of credentials, without the need for multiple usernames and passwords. By establishing trust among domains, FIM enables a seamless and secure flow of identity information across multiple systems and organizations, allowing users to access resources they are authorized to access, with out the need to authenticate each time they access a new resource.

One or more Directory = Federation

CISSP All-In-One Exam Guide 9th Edition: ! User provisioning refers to the creation, maintenance, and deactivation of user objects and attributes as they exist in one or more systems, directories, or applications, in response to business processes. User provisioning software may include one or more of the following components: change propagation, self-service workflow, consolidated user administration, delegated user administration, and federated change control. User objects may represent employees, contractors, vendors, partners, customers, or other recipients of a service. Services may include e-mail, access to a database, access to a file server or database, and so on. ! So option A is a definition of User provisioning.

A. https://www.onelogin.com/learn/federated-identity Federated Identity Management (FIM) – works on the basis of mutual trust relationships between a Service Provider (SP) such as an application vendor and an external party or Identity Provider (IdP).

D is correct. FIM extends beyond a single organization. Multiple organizations can join a federation or group, where they agree to share identity information. Users in each organization can log on once in their own organization, and their credentials are matched with a federated Implementing Identity Management system. They can then use this federated identity to access resources in any other organization within the group. A federation can be composed of multiple organizations sharing resources, or any other group that can agree on a common federated identity management system. CISSP official study guide 9th edition - page 660

FIM is and can be used between multiple apps and domains

Vote for D.

Def. "D" Single Sign-On (SSO) = Trust

Answer is A. Please do not confuse with AD Federation with Federated Identity. Federated identity management systems offer single access to a number of applications across various enterprises.

D is right