ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 194 discussion

Actual exam question from ISC's CISSP
Question #: 194
Topic #: 1
[All CISSP Questions]

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to exchange authentication and authorization data between security domains. However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leveraged against this flaw?

  • A. Attacker leverages SAML assertion to register an account on the security domain.
  • B. Attacker forges requests to authenticate as a different user.
  • C. Attacker exchanges authentication and authorization data between security domains.
  • D. Attacker conducts denial-of-service (DoS) against the security domain by authenticating as the same user repeatedly.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by rdy4u at Oct. 28, 2022, 5:04 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Soleandheel
10 months, 1 week ago
B. Attacker forges requests to authenticate as a different user.
upvoted 1 times
...
74gjd_37
1 year ago
Selected Answer: B
By spoofing a registered account and querying the SAML provider, the attacker can forge requests to authenticate as a different user and potentially gain unauthorized access to sensitive data or systems.
upvoted 2 times
...
DJOEK
1 year, 9 months ago
Selected Answer: B
The MOST common attack leveraged against this flaw would be the attacker forging requests to authenticate as a different user (option B). This type of attack is known as a SAML spoofing attack, where the attacker is able to impersonate a legitimate user by sending a forged SAML assertion to the cloud service. This can allow the attacker to gain unauthorized access to resources within the security domain.
upvoted 2 times
jackdryan
1 year, 5 months ago
B is correct
upvoted 1 times
...
...
Jamati
1 year, 11 months ago
Selected Answer: B
This is a silver ticket attack.
upvoted 2 times
sausageman
1 year, 7 months ago
Silver ticket is for Kerberos not for SAML
upvoted 2 times
...
...
rdy4u
1 year, 11 months ago
Selected Answer: B
There is privilege escalation issues through SAML response tampering. https://www.mcafee.com/blogs/enterprise/pentesters-can-take-advantage-weakness-saml/
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago