IAM v2 Flashcards

1
Q

Open Authorization (OAuth):

A
  • Definition: An open standard framework that allows applications to access user data without sharing user credentials, often used for granting third-party applications limited access to user accounts.
2
Q

Access Control (system):

A
  • Definition: A system that manages and enforces policies and permissions, determining who can access what resources or perform specific actions within an organization’s environment.
3
Q

Privilege creep:

A
  • Definition: The gradual accumulation of excessive privileges or access rights by users or accounts over time, potentially leading to security risks.
4
Q

Self-service ID Management:

A
  • Definition: A system that allows users to manage and update their own identity information, reducing the administrative burden on IT departments.
5
Q

Access tokens:

A
  • Definition: Tokens that provide temporary access rights to specific resources or services, often used in OAuth and other authentication systems.
6
Q

MFA vs. SFA (Multi-Factor Authentication vs. Single-Factor Authentication):

A
  • Definition: MFA requires users to provide two or more authentication factors (e.g., password and a one-time code), while SFA relies on a single factor (e.g., just a password) for authentication.
7
Q

Accounting:

A
  • Definition: The process of tracking and recording the activities and access permissions of users within a system or network for audit and security purposes.
8
Q

IDaaS (Identity as a Service):

A
  • Definition: A cloud-based service that provides identity and access management solutions to organizations, allowing them to manage user identities and access controls in the cloud.
9
Q

Identity Proofing:

A
  • Definition: The process of verifying the identity of a person by confirming their claimed attributes or information, often used for secure authentication.
10
Q

ABAC (Attribute-Based Access Control):

A
  • Definition: An access control model that uses attributes of users, resources, and the environment to make access control decisions, offering fine-grained control.
11
Q

Authentication & Authorization:

A
  • Definition: Authentication is the process of verifying the identity of a user, while authorization involves granting or denying access to specific resources or actions based on the user’s identity and permissions.
12
Q

Ethical Wall:

A
  • Definition: A network or communication barrier that prevents certain users or groups from communicating or sharing specific types of information to maintain privacy and regulatory compliance.
13
Q

Data Custodian:

A
  • Definition: An individual or entity responsible for the storage, management, and protection of data, typically following the directives of the data owner or controller.
14
Q

CER (Cross-Enterprise Reference):

A
  • Definition: A reference data system that ensures consistent data naming and categorization across different entities within an organization.
15
Q

Granularity of Controls:

A
  • Definition: The level of detail and specificity in access controls, determining how finely access permissions can be defined and enforced.
16
Q

Data Owner:

A
  • Definition: A person or entity with the ultimate responsibility for data, including defining data access policies and making decisions regarding its use and protection.
17
Q

Data Controller:

A
  • Definition: An entity that determines the purposes and means of processing personal data, often associated with data protection regulations like GDPR.
18
Q

Data Processor:

A
  • Definition: An entity that processes personal data on behalf of the data controller, following their instructions and obligations under data protection laws.
19
Q

DAC (Discretionary Access Control):

A
  • Definition: An access control model where data owners or administrators determine access permissions for users and objects based on their discretion.
20
Q

False Acceptance Rate (FAR):

A
  • Definition: A metric in biometric authentication that measures the likelihood of incorrectly accepting an unauthorized user’s identity.
21
Q

False Rejection Rate (Type 1):

A
  • Definition: A metric in biometric authentication that measures the likelihood of incorrectly rejecting an authorized user’s identity.
22
Q

Whaling Attack:

A
  • Definition: A targeted phishing attack aimed at high-profile individuals or senior executives within an organization, often seeking sensitive information.
23
Q

Logical Access Control:

A
  • Definition: Access control mechanisms that operate at the software or system level to manage user access to digital resources.
24
Q

Mandatory Access Control:

A
  • Definition: An access control model that enforces access restrictions based on security labels or classifications assigned to users and data, typically used in government and military settings.