CIAM-Key Terms and Concepts Flashcards
Term used to generalize and reference multiple entities which access a system such as employees, guests, application users, and external users such as customers, contractors and vendors.
A) Access Administrator
B) Identity Management
C) User
D) Federation
C
A resource or system that provides a generic service to the user in a federated system. To users, a service provider is the same thing as the application they are trying to use.
A) Federation
B) Identity Provider (IdP)
C) Identity Store
D) Service Provider (SP)
D
A person who assigns roles, group memberships, and/or other attributes to a user.
A) User
B) Access Administrator
C) Provisioning
D) Access Management
B
Underlying information associated with users and stored across a variety of technologies, including databases, LDAP, Active Directory, text files, etc.
A) Identity Store
B) Identity Provider (IdP)
C) Identity Management (IdM)
D) Service Provider (SP)
A
A system that validates the identity of a user in a federated system. The Service Provider (or SP) uses the IdP to get the identity of the current user.
A) Service Provider (SP)
B) Identity Provider (IdP)
C) Identity Management (IdM)
D) Directory Service
B
The processes and solutions that provide for the creation and management of user information, also known as IdM.
A) Identity Management
B) Identity Provider
C) User
D) Governance
A
Processes, tools and people which allow organizations to manage user identities and their access while meeting compliance and managing risks.
A) Enforcement
B) Governance
C) Identity Management
D) Entitlements
B
This is a technical implementation that enables identity information to be developed and shared among several entities and across trusted domains.
A) Identity Management
B) Service Provider
C) Access Management
D) Federation
D
The processes associated with a user’s login across a realm of applications or information repositories. It is important to note that IAM services will authorize user access to protected resources, but will delegate the authorization decisions to the applications themselves.
A) Credential
B) Access Management
C) Single Sign-On
D) Authentication
B
The process of validating that people or entities are who they say they are. It is commonly referred to as “logging in.”
A) Authentication
B) Authorization
C) Credentials
D) Single Sign-On
A
The process of determining if a user has the right to access a service or perform an action.
A) Authentication
B) Authorization
C) Single Sign-On
D) Credentials
B
A central authentication protocol that allows users to log on once and access all systems and data for which they are authorized.
A) Authorization
B) Single Sign-On
C) Authentication
D) Credentials
B
Item, such as a username/password combination, used by a person or entity to prove him/her/itself to a system.
A) Credentials
B) Single Sign-On
C) Authentication
D) Authorization
A
The software system that stores, organizes and provides access to information in a directory for entities such as people, groups, devices, resources, etc.
A) Governance
B) Identity Provider (IdP)
C) Directory Service
D) Service Provider (SP)
C
Refers to authentication, authorization and logging of identities as they are used within the organization’s IT systems. The carrying out of access rights primarily occurs through automated processes or mechanisms.
Enforcement
Refers to an identity’s creation, change, termination, validation, approval, propagation and communication.
Provisioning
Refers to ongoing companywide activities. It includes the establishment of an IAM strategy; administration of IAM policy statement changes; establishment of identity and password parameters; management of manual or automated IAM systems and processes; and periodic monitoring, auditing, reconciliation, and reporting of IAM systems.
Identity Management
Is the collection of access rights to perform transactional functions. Note: The term _________ is used occasionally and synonymously with access rights.
entitlements
Is the information representing the rights that the identity is granted.
_____ rights can be granted to allow users to perform transactional functions at various levels. Some examples of transactional functions are copy, transfer, add, change, delete, review and approve.
Access
Is comprised of unique elements that describe a person or machine. An identity is recognized by a system in many ways, including something the user knows, such as a password or personal identification number (PIN); something the user has, such as an ID card, key fob, or a badge; and something the user is, such as a fingerprint or retinal pattern; or any combination of these elements.
Identity