4.6

Question 1

IAM

Answer 1

Identity and access Management
Makes sure right individuals have right access to right resources for right reasons

Question 2

Components of IAM

Answer 2

network access control
password management
digitial identity management

Question 3

IAM Process

Answer 3

Identification - claiming identity
Authentication
Authorization - uses role based access control often
accounting

Question 4

SSO

Answer 4

user authentication service using one set of credentials for multiple apps

Question 5

Technologies for SSO

Answer 5

LDAP
OAUTH
SAML

Question 6

Federation

Answer 6

Sharing and using identities across multiple systems or organizations

Question 7

PAM

Answer 7

priviledged access management
- JIT permissions just in time
password vaulting
temporal accounts

Question 8

Access Control Models

Answer 8

MAC mandatory access control
DAC discretionary
Role bAC role based
Rule based access control
ABAC attribute based

Question 9

Identity Proofing

Answer 9

process of verifying a user’s identity before creating an account
drivers license verification or passport examples

Question 10

Attestation

Answer 10

validating that user accounts and access rights are correct and up to date
involves regular reviews and audits or user accounts

Question 11

Interoperability

Answer 11

ability of different systems and apps to work together to share information
in IAM it can involve SAML or OpenID Connect for secure authentication and authorization

Question 12

Passkeys

Answer 12

Passwordless authentication
invovles creating a passkey by device authentication methods like fingerprint or facial recognization

Question 13

LDAP

Answer 13

lightweight directory access protocol
used to access and maintain distributed directory information
can share user info across network devices

Question 14

OAuth

Answer 14

open standard for token based authentication and authorization
allows third party services to access user account info without exposing passwords
often used in restful apps
uses json web tokens JWT

Question 15

SAML

Answer 15

Security Assertion markup langugae
standard for logging users into apps based on sessions in another contect

Question 16

Federation

Answer 16

links electronic identities and attributes across multiple identity management systems
enables users to use the same credentials for login across systems managed by different orgs
based on trusted relationship between systems

Question 17

PAM

Answer 17

privileged access management
solution that restricts and monitors priviledged access within an IT environment
tools used to prevent malicious abuse of privileged accounts

Question 18

JIT Permissions

Answer 18

just in time
grants admin access only when needed for a specific task

Question 19

Temporal Account

Answer 19

time limited privileges accounts

Question 20

MAC

Answer 20

uses security labels to authorize resources
access is granted if user label is equal or higher than the resource’s label

Question 21

DAC

Answer 21

discretionary access control
resource owners specify which users can access their resources

Question 22

RBAC

Answer 22

role based access control
assigns users to roles and assigns permissions to roles
mimics orgs hierarchy
enforces minimum privileges

Question 23

Rule Based Access Control

Answer 23

uses security rules or access control lists
policies can be changed quickly
applied across multiple users on a network segmentA

Question 24

ABAC

Answer 24

attribute based access control
includes user attributes like name, and Org ID
environmental variables, time of access data location etc and resource attributes like resource owner, rile name and data sensitivity

Question 25

UAC

Answer 25

user account control
a mechanism designed to ensure that actions requiring admin rights are explicitly authorized by the user