Certificate of Cloud Security Knowledge (CCSK) 2025 – 400 Free Practice Questions to Pass the Exam

The correct choice highlights the concept of federated identity management, which is critical when discussing delegated user authentication and authorization. Federation enables different security domains or organizations to share user identity information, allowing users to access systems and resources across multiple environments without needing to create separate credentials for each one.

In a federated system, a user can authenticate with a central identity provider that grants them access to various services provided by different service providers. This streamlining enhances user experience and increases security by reducing the number of credentials a user must manage.

While OAuth is also a standard related to authorization, it is specifically designed for granting third-party applications limited access to user resources without exposing credentials. JWT (JSON Web Token) is a compact way to represent claims, often used in conjunction with OAuth, but it does not focus specifically on the federation of authentication. Kerberos, a network authentication protocol, primarily deals with verifying user identities and does not facilitate delegated access across non-trusted domains like federated approaches do. Thus, federation is the most fitting standard among the options presented for user authentication and authorization delegation.