Identity and Access Management Domain Flashcards
The process of establishing confidence in user identities electronically presented to an information system
Electronic authentication (e-authentication)
A non-contact, automatic identification technology that uses radio signals to identify, track, sort, and detect a variety of objects including people, vehicles, goods, and assets without the need for direct contact
Radio Frequency Identification (RFID)
Allows authorised security personnel to simultaneously manage and monitor multiple entry points from a single, centralized location
Physical Access Control Systems (PACS)
A system that manages passwords consistently across the enterprise
Password Management System
Provides the system with a way of uniquely identifying a particular user amongst all the users of that system
User ID
Used to enter secured areas of a facility and are used in conjuction with a badge reader to read information stored on the badge
Access badges
A 48-bit number (typically represented in hexadecimal format) that is supposed to be globally unique
MAC address
Protection mechanisms that limit users’ access to information and restrict their forms of access on the system to only what is appropriate for them
Logical access controls
Developing standard for authenticating network users. Kerberos offers two-key benefits;
1) It functions in a multi-vendor network
2) It does not transmit passwords over the network
Kerberos
The process of collecting and verifying information about a person for the purpose of proving that a person who has requested an account, a credential, or other special privilege is indeed who they claim to be, and establishing a reliable relationship
Identity Proofing
Cloud-based services that broker identity and access management functions to target systems on customers’ premises and/or in the cloud
Identity as a Service (IDaaS)
An access control model that bases the access control authorizations on the roles (or functions) that the user is assigned within an organization
Role-Based Access Control (RBAC)
A version of SAML OASIS standard for exchanging authentication and authorization data between security domains
Security Assertion Markup Language 2.0 (SAML 2.0)
Protects enterprise assets and provides a history of who gained access and when the access was granted
Facility access control
A unified login experience (from the viewpoint of the end user) when accessing one or more systems
Single sign-On (SSO)