Identity And Access Management Flashcards
List the 3 key concepts
- Authentication
- Authorization
- Accounting
Define Authentication
validating who a user claims to be
- something you are
- something you have
- something you know
Define Authorization
Giving someone permission to do or access something
- give user access to resource
- happens after authentication
Define Accounting
process of measuring the resource and the consumption
- time logged in
- data they access/changed
- make sure access is as intended
- verify access only to correct accounts
What are some methods of authentication?
biometrics
built in on many devices
token (card, message)
What is Identity Governance
process for managing access to resources via a centralized solution
- check user’s token
- provides access to right resources
What is an Identity Provider
services that confirms identity
- trusted source that can create, store, and manage
Examples of Identity Provider
- Azure Active Directory Accounts
- Microsoft Accounts
What is Single Sign-On
used to gain access to multiple services via one sign-on
What are the User benefits of SSO
- cross site navigation
- increased productivity
- reduce password fatigue
- more secure
What are the Admin benefits of SSO
- standard process across resources
- improved new security
- a single ID across multiple systems
- granting and deleting users
What is token forwarding
the token follows you across systems
- not all systems allow this
List some SSO Providers (6)
- Okta Identity Cloud
- OneLogin Unified Access Management Platform
- JumpCloud Directory as a Service
- Ping Intelligent Identity Platform
- Idaptive
- Microsoft Azure Active Directory (AD)
Define Access Control Attacks
intruders will try to defeat, bypass, or trick access controls in order to reach their target
List 5 Attack Objectives
- Guess credentials
- Malfunction of access controls
- Bypass access controls
- Replay known good logins
- Trick people into giving up credentials
