Identity & Access Management Flashcards
A unified login experience when accessing one or more systems
Single Sign On (SSO)
Involves the use of only one of the three available factors to carry out the authentication process being requested
Single Factor Authentication
A version of the SAML OASIS standard for exchanging authentication & authorization data between security domains
Security Assertion Markup Language 2.0 (SAML)
An access control model that is based on a list of predefined rules that determine what accesses should be granted
Rule-Based Access Control
An access control model that bases the access control authorizations on the roles that the user is assigned within an organization
Role-Based Access Control
A non-contact, automatic identification technology that uses radio signals to identify, track, sort and detect a variety of objects including people, vehicles, goods, & assets without the need for direct contact
Radio Frequency Identification (RFID)
Allows authorized security personnel to simultaneously manage & monitor multiple entry points from a single centralized location
Physical Access Control Systems (PACS)
A system that manages passwords consistently across the enterprise
Password Management System
Ensures that a user is who they claim to be. The more factors used to determine a person’s identity, the greater the trust of authenticity
Multi-Factor Authentication
Access Control that requires the system itself to manage access controls in accordance with the organization’s security policies
Mandatory Access Control (MAC)
A 48-bit number that is supposed to be globally unique
MAC Address
Protection mechanisms that limit users’ access to information & restrict their forms of access on the system to only what is appropriate for them
Logical Access Controls
A developing standard for authenticating network users. Offers two key benefits: it functions in a multi-vendor network, & it does not transmit passwords over the network
Kerberos
Process of collecting & verifying information about a person for the purpose of proving that a person who has requested an account, a credential, or other special privilege is indeed who he or she claims to be, & establishing a reliable relationship
Identity Proofing
Cloud-based services that broker identity & access management functions to target systems on the customer’s premises and/or in the cloud
Identity as a Service (IDaaS)
Protects enterprise assets & provides a history of who gained access & when the access was granted
Facility Access Control
The process of establishing confidence in user identities electronically presented to an information system
Electronic Authentication
A hardware device that contains non-programmable logic & non-volatile storage dedicated to all cryptographic operations & protection of private keys
Cryptographic Device
Process of defining the specific resources a user needs & determining the type of access to those resources the user may have
Authorization
Process of verifying the identity of the user
Authentication
Systems that attempt to streamline the administration of user identity across multiple systems
Account Management Systems
Physical or electronic systems designed to control who, or what, has access to a network
Access Control Systems
Used to enter secured areas of a facility & used in conjunction with a badge reader to read information stored on the badge
Access Badge
Provides the system with a way of uniquely identifying a particular user among all the users of that system
User ID
A local hardware encryption engine & secured storage for encryption keys
Trusted Platform Module