8: Identity and Access Management Flashcards
What does AAA stand for in security concepts?
Authentication, Authorization, and Accounting
AAA is a framework for controlling access to computer resources, enforcing policies, and auditing usage.
What is the purpose of mitigation techniques in security?
To secure the enterprise
Mitigation techniques help reduce vulnerabilities and protect against potential threats.
What is an Access Control List (ACL)?
A list that defines permissions for users and groups regarding resources
ACLs specify which users or systems have access to specific resources and what actions they can perform.
What is provisioning in the context of identity management?
The process of creating user accounts and granting access rights
Provisioning ensures that users have the necessary access to perform their job functions.
What does identity proofing entail?
Verifying the identity of a user before granting access
Identity proofing is crucial for ensuring that the user is who they claim to be.
What is Single Sign-On (SSO)?
A user authentication process that allows a user to access multiple applications with one set of login credentials
SSO improves user experience and reduces password fatigue.
What are the factors involved in multifactor authentication?
- Something you know
- Something you have
- Something you are
- Somewhere you are
Multifactor authentication enhances security by requiring multiple forms of verification.
What are the types of access controls?
- Mandatory
- Discretionary
- Role-based
- Rule-based
- Attribute-based
- Time-of-day restrictions
- Least privilege
Different models of access control can be applied based on organizational needs.
What is the significance of privileged access management tools?
They ensure proper controls and monitoring for superusers and privileged accounts
Tools like just-in-time permissions and password vaulting help manage high-level access.
What are password best practices?
- Length
- Complexity
- Reuse
- Expiration
- Age
Following these practices can significantly enhance password security.
What is the concept of interoperability in identity management?
The ability of different authentication and authorization services to work together
Interoperability ensures seamless access across systems and applications.
Fill in the blank: Identities are one of the most important _______ in modern organizations.
security layers
Managing identities effectively is critical for organizational security.
What is the role of accounting in AAA?
Tracking user actions and resource usage
Accounting provides a record of who accessed what resources and when.
What does the term ‘authentication’ refer to?
The process of verifying the identity of a user or system
Authentication ensures that users are who they claim to be.
What is the purpose of implementing identity and access management?
To control access to systems and services, and manage user rights
Effective identity and access management is vital for organizational security.
What are identities?
Sets of claims made about a subject
Subjects can include people, applications, devices, systems, or organizations, with the most common application being individuals.
What type of information is typically linked to identities?
Attributes or information about the subject
This includes details important for the use of their identity.
What is the difference between attributes and traits?
Attributes are changeable; traits are inherent
Examples: attributes can include title or address; traits include height or eye color.
What is the most commonly used means of claiming an identity?
Usernames
Usernames are associated with an identity but are not authentication factors themselves.
What are certificates in the context of identity?
Stored on a system or paired with a device to identify systems or individuals
Certificates can be used for both devices and individual identities.
What are tokens?
Physical devices that present a certificate or information
Tokens may generate a code or connect via USB/Bluetooth.
What are SSH keys?
Cryptographic representations of identity replacing a username and password
SSH keys enhance security by eliminating the need for traditional credentials.
What do smartcards use for identity verification?
An embedded chip
Smartcards can be contactless or require a physical chip reader and often generate key pairs on the card.