CompTIA CASP+ Practice Test

In a scenario requiring minimal data sharing among partner companies, what identity solution is best?

• A. Single Sign-On (SSO)
• B. Federated identity solution with IdP
• C. Role-Based Access Control (RBAC)
• D. Active Directory Federation Services (ADFS)

The correct answer is: Federated identity solution with IdP

In scenarios where minimal data sharing is needed among partner companies, a federated identity solution with an Identity Provider (IdP) is often the best choice. This approach allows organizations to maintain control over their internal identities and access rights while enabling limited access to specific resources for partner organizations. A federated identity solution facilitates a system where two or more organizations can share access permissions securely without needing to exchange data extensively between them. Each organization retains its own identity management system, which can be linked, allowing for authentication and access control to be managed while limiting exposure of internal user data. This method also enhances security by allowing organizations to define strict access controls, ensuring that partners can access only what is absolutely necessary. Clients are authenticated through the IdP, which makes the process streamlined and reduces the risks associated with extensive data sharing. Other options might allow for overall access control or single sign-on capabilities, but they do not provide the same level of security and control tailored for scenarios with strict data sharing limitations as a federated identity solution does. For instance, Single Sign-On is great for ease of access within a single organization and may not have the nuanced access controls needed for collaboration with partners. Similarly, Active Directory Federation Services serves to extend authentication across domains but may not align