Identity and Access Management Flashcards
Determines what users can do with contents based on his credentials.
Authentication
Keep a historical record of what users do to shared resources.
Accounting
Means that the organization trusts another entity simply because they are trusted by someone else.
Transitive Trust
A system that involves the use of a common authentication system and credentials database that multiple entities use and share.
Federated system
Which access control applies to highly secure environnments, where a user is granted access to a system or data based upon his security level ?
Mandatory Access Control (MAC)
Which access control provides access based on which user has created or owns an object ?
Discretionary Access Control (DAC)
Which access control uses predefined roles to define access ?
Role-Based Access Control
Which access control grantes access based upon predefined rules that may apply to users or groups of users and also more advanced firewalls ?
Rule-Based Access Control
____ typically are generated by tokens or mobile devices to facilitate multifactor authentication
OTPs
Rate of errros from incorrectly rejecting authorized users :
FRR
Rate of errors from incorrectly authenticating unauthorized users :
FAR
Point of which the system must be tuned to reduce FRR and FAR :
Crossover error rate
A storage chip to a stantard credit-card-sized plastic card creates a :
Smart Card
Type of account that sits between a user account and an admin/root account :
Privileged Account
Term used when users privileges are not reviwed on periodic basis and users move around within the organization retaining privileges even when they no longer need them
Privilege Creep
