Which of the following authentication protocols should the organization implement to support these requirements?

An organization is implementing a new identity and access management architecture with the following objectives:

Supporting MFA against on-premises infrastructure

Improving the user experience by integrating with SaaS applications

Applying risk-based policies based on location

Performing just-in-time provisioning

Which of the following authentication protocols should the organization implement to support these requirements?
A . Kerberos and TACACS
B . SAML and RADIUS
C . OAuth and OpenID
D . OTP and 802.1X

View Answer

Answer: C

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/migrate-application-authentication-to-azure-active-directory

OAuth and OpenID are two authentication protocols that can support the objectives of the organization. OAuth is a protocol that allows users to grant access to their resources on one site (or service) to another site (or service) without sharing their credentials. OpenID is a protocol that allows users to use an existing account to sign in to multiple websites without creating new passwords. Both protocols can support MFA, SaaS integration, risk-based policies, and just-in-time provisioning.

Reference: https://auth0.com/docs/protocols/oauth2 https://openid.net/connect/