EmpowerID IGA Core

Question 1

What is EmpowerID

Answer 1

A modular software product available as SaaS for on-premise installation that provides broad capabilities in Identity Governance and Administration, Access Management and Single Sign-On and Privileged Access Management

Question 2

Identity Governance and Administration

Answer 2

A discipline that focus on identity life cycle management and access control from an administrative perspective

Question 3

Privileged Account Management

Answer 3

focusing on special control for risky high-level access. Privileged Account Mangement (PAM) is a mechanism for getting those special accounts under control

Question 4

Access Management and Single Sign On

Answer 4

Controlling the ability for end-users to access systems at runtime. Access Management verifies a user’s credentials and allows them access. Access Mangement also includes federation, which is the ability to access other systems after only logging in once to your identify provider

Question 5

Account

Answer 5

Used to control permissions within the application and for authentication In EmpowerID the user account object is the Person and Stored in the Person table

Question 6

Non-Person Accounts

Answer 6

Any account not specifically assigned to a person, such as accounts used for devices services and servers

Question 7

Entitlement Management

Answer 7

Cataloging and managing all the accesses an account may have

Question 8

Protected Resources

Answer 8

A system, a process, a service an information object or even a physical location that is subject to access control as defined by the owner of the resource and by other stakeholders such as a business process owner or Risk manager

Question 9

Account Store Identity Entry (ASIE)

Answer 9

The actual live representation of an object in an external system modified by EmpowerID. The ASIE is the implementation of the CRUD methods and the attributes that are specific to that Security Boundary Type and object type in that system.

Question 10

Group

Answer 10

Groups are the primary mechanism to grant permissions to actions

Question 11

Person

Answer 11

Person is the user object for the EmpowerID application

Question 12

Core Identity

Answer 12

optional object that relates multiple Person objects owned by the same human or thing

Question 13

Entitlement Management

Answer 13

Cataloging and managing all the accesses an account may have

Question 14

Protected Resources

Answer 14

A system, a process, a service an information object or even a physical location that is subject to access control as defined by the owner of the resource and by other stakeholders such as a business process owner or Risk manager

Question 15

Resource System Type

Answer 15

the definition of the connector inventory data from an external system

Question 16

ResourceGUID

Answer 16

the unique identifier of the object in its external system if its available in GUID format

Question 18

Account Store Identity Entry (ASIE)

Answer 18

the actual live representation of an object in an external system modified by EmpowerID. The ASIE is the implementation of the CRUD methods and the attributes that are specific to that Security Boundary Type and object type in that system.

Question 19

Live Action

Answer 19

Actions are EmpowerID Operations. It represents operation that can occur against an item

EX: Adding users to groups, creating mailboses, updating user attributes

Live actions are actions that are completed immediately in a synchronous

Question 20

Background Processes

Answer 20

The background process does not finish immediately but runs in the background for some time