Identity and Access Management (IAM) Solutions Flashcards

1
Q

What does Identity and Access Management (IAM) ensure?

A

Right individuals have right access to right resources for right reasons

2
Q

What are the components of IAM?

A
  • Password Management
  • Network Access Control
  • Digital Identity Management

3
Q

What does the acronym IAAA stand for in IAM processes?

A

Identification, Authentication, Authorization, and Accounting

4
Q

What is the purpose of Identification in IAM?

A

Claiming identity, e.g., username, email address

5
Q

What is Authentication in IAM?

A

Verifying user, device, or system identity

6
Q

What does Authorization determine after authentication?

A

User permissions

7
Q

What is Accounting in IAM?

A

Tracking and recording user activities

8
Q

What are the IAM processes?

A
  • Provisioning
  • Deprovisioning
  • Identity Proofing
  • Interoperability
  • Attestation

9
Q

What are the factors of Multi-Factor Authentication (MFA)?

A
  • Something you know
  • Something you have
  • Something you are
  • Something you do
  • Somewhere you are

10
Q

What are examples of MFA implementations?

A
  • Biometrics
  • Hard tokens
  • Soft tokens
  • Security keys
  • Passkeys

11
Q

What are best practices for Password Security?

A
  • Password policies
  • Password managers
  • Passwordless authentication

12
Q

What types of Password Attacks exist?

A
  • Spraying Attacks
  • Brute Force Attacks
  • Dictionary Attacks
  • Hybrid Attacks

13
Q

What is Single Sign-On (SSO)?

A

User authentication service using one set of credentials for multiple applications

14
Q

What technologies are used in SSO?

A
  • LDAP
  • OAuth
  • SAML

15
Q

What is Federation in IAM?

A

Sharing and using identities across multiple systems or organizations

16
Q

What does Privileged Access Management (PAM) involve?

A
  • Just-in-Time (JIT) Permissions
  • Password Vaulting
  • Temporal Accounts

17
Q

What are the different Access Control Models?

A
  • Mandatory Access Control
  • Discretionary Access Control
  • Role-based Access Control
  • Rule-based Access Control
  • Attribute-based Access Control

18
Q

What is the purpose of Provisioning in IAM?

A

Creating new user accounts, assigning permissions, and providing system access

19
Q

What does Deprovisioning mean in IAM?

A

Removing access rights when no longer needed

20
Q

What is Identity Proofing?

A

Verifying a user’s identity before creating their account

21
Q

What is Interoperability in IAM?

A

Ability of different systems, devices, and applications to work together and share information

22
Q

What is Attestation in IAM?

A

Validating that user accounts and access rights are correct and up-to-date

23
Q

What is the definition of Multi-Factor Authentication (MFA)?

A

A security system requiring multiple methods of authentication from independent categories of credentials

24
Q

What are the five categories of authentication for MFA?

A
  • Something You Know
  • Something You Have
  • Something You Are
  • Somewhere You Are
  • Something You Do

25
Q

What is Single Factor Authentication?

A

Uses one authentication factor to access a user account

26
Q

What is Two-Factor Authentication (2FA)?

A

Requires two different authentication factors to gain access

27
Q

What is Passwordless Authentication?

A

An alternative to traditional passwords for authentication

28
Q

What are the five characteristics of Password Policies?

A
  • Password Length
  • Password Complexity
  • Password Reuse
  • Password Expiration
  • Password Age

29
Q

What does Password Length refer to?

A

Longer passwords are harder to crack

30
Q

What does Password Complexity involve?

A

Combines uppercase and lowercase letters, numbers, and special characters

31
Q

What is the risk of Password Reuse?

A

Increases vulnerability

32
Q

What does Password Expiration require?

A

Users to change passwords after a specific period

33
Q

What are Password Managers?

A

Tools for storing and managing passwords securely

34
Q

What are some methods of Passwordless Authentication?

A
  • Biometric Authentication
  • Hardware Token
  • One-Time Passwords (OTP)
  • Magic Links
  • Passkeys

35
Q

What are the types of password attacks?

A
  • Brute Force
  • Dictionary
  • Password Spraying
  • Hybrid

36
Q

What is a Brute Force Attack?

A

Tries every possible character combination until the correct password is found

37
Q

What is a Dictionary Attack?

A

Uses a list of commonly used passwords to crack passwords

38
Q

What is Password Spraying?

A

Tries a few common passwords against many usernames or accounts

39
Q

What is a Hybrid Attack?

A

Combines elements of brute force and dictionary attacks

40
Q

What is the function of Single Sign-On (SSO)?

A

Allows users to access multiple applications with one set of credentials

41
Q

What protocols are used in Single Sign-On (SSO)?

A
  • LDAP
  • OAuth
  • SAML

42
Q

What does Federation enable?

A

Use of the same credentials for login across systems managed by different organizations

43
Q

What is the first step in the Federation Process?

A

User accesses a service or application and chooses to log in

44
Q

What are Just-In-Time (JIT) Permissions?

A

Grants administrative access only when needed for a specific task

45
Q

What does Password Vaulting do?

A

Stores and manages passwords securely

46
Q

What are Temporal Accounts?

A

Temporary accounts used for time-limited access to resources

47
Q

What is Mandatory Access Control (MAC)?

A

Uses security labels to authorize resource access

48
Q

What is Discretionary Access Control (DAC)?

A

Resource owners specify which users can access their resources

49
Q

What does Mandatory Access Control (MAC) use to authorize resource access?

A

Security labels

Footnote: MAC requires assigning security labels to both users and resources.

50
Q

In Mandatory Access Control, access is granted only if the user's label is _______ the resource's label.

A

equal to or higher than

51
Q

Who specifies which users can access resources in Discretionary Access Control (DAC)?

A

Resource owners

Footnote: DAC allows resource owners to grant access to specific users.

52
Q

What does Role-Based Access Control (RBAC) assign to users?

A

Roles

Footnote: RBAC assigns permissions to roles that mimic the organization's hierarchy.

53
Q

What is enforced by Role-Based Access Control?

A

Minimum privileges

54
Q

What does Rule-Based Access Control use to determine access?

A

Security rules or access control lists

55
Q

What type of access control considers user, environment, and resource attributes?

A

Attribute-Based Access Control (ABAC)

56
Q

What are some examples of User Attributes in ABAC?

A
  • User’s name
  • Role
  • Organization ID
  • Security clearance

57
Q

What are some examples of Environment Attributes in ABAC?

A
  • Time of access
  • Data location
  • Current organization's threat level

58
Q

What is the purpose of Time-of-Day Restrictions in access control?

A

Limits access based on specific time periods

59
Q

What does the Principle of Least Privilege state?

A

Users are granted the minimum access required to perform their job functions

60
Q

What can help prevent unauthorized access during non-working hours?

A

Time-of-Day Restrictions

61
Q

What defines the levels of access that users have?

A

Privileges

62
Q

What type of account allows high levels of access for administrative tasks?

A

Local Administration Account

63
Q

What can Standard User Accounts not do?

A

Change system settings

64
Q

What is User Account Control (UAC) designed to do?

A

Ensure actions requiring administrative rights are explicitly authorized by the user

65
Q

File and folder permissions can also apply to _______.

A

Groups of users

66
Q

How can you access file and folder permissions in Windows?

A

Right-click on a file or folder, select ‘Properties’, and navigate to the ‘Security’ tab

67
Q

Always ensure you only give out the necessary _______.

A

Permissions