GIAC GCFR Exam - Topic 8 Question 55 Discussion

Actual exam question for GIAC's GCFR exam

Question #: 55
Topic #: 8

[All GCFR Questions]

At what point of the OAuth delegation process does the Resource Owner approve the scope of access to be allowed?

AAfter user credentials are accepted by the Authorization Server

BOnce the OAuth token is accepted by the Application

CWhen the Resource Server receives the OAuth token

DBefore user credentials are sent to the Authentication Server

Show Suggested Answer

Suggested Answer: A

by Kerrie at Apr 09, 2026, 11:54 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

2 days ago

I remember a practice question that mentioned the approval happens before any tokens are exchanged, which makes me lean towards D.

upvoted 0 times

...

7 days ago

I think the Resource Owner approves the scope right after they enter their credentials, so maybe it's A? But I'm not entirely sure.

upvoted 0 times

...