Identity and Access Management (IAM) Solutions

Question 1

What does Identity and Access Management (IAM) ensure?

Answer 1

Right individuals have right access to right resources for right reasons

Question 2

What are the components of IAM?

Answer 2

• Password Management
• Network Access Control
• Digital Identity Management

Question 3

What does the acronym IAAA stand for in IAM processes?

Answer 3

Identification, Authentication, Authorization, and Accounting

Question 4

What is the purpose of Identification in IAM?

Answer 4

Claiming identity, e.g., username, email address

Question 5

What is Authentication in IAM?

Answer 5

Verifying user, device, or system identity

Question 6

What does Authorization determine after authentication?

Answer 6

User permissions

Question 7

What is Accounting in IAM?

Answer 7

Tracking and recording user activities

Question 8

What are the IAM processes?

Answer 8

• Provisioning
• Deprovisioning
• Identity Proofing
• Interoperability
• Attestation

Question 9

What are the factors of Multi-Factor Authentication (MFA)?

Answer 9

• Something you know
• Something you have
• Something you are
• Something you do
• Somewhere you are

Question 10

What are examples of MFA implementations?

Answer 10

• Biometrics
• Hard tokens
• Soft tokens
• Security keys
• Passkeys

Question 11

What are best practices for Password Security?

Answer 11

• Password policies
• Password managers
• Passwordless authentication

Question 12

What types of Password Attacks exist?

Answer 12

• Spraying Attacks
• Brute Force Attacks
• Dictionary Attacks
• Hybrid Attacks

Question 13

What is Single Sign-On (SSO)?

Answer 13

User authentication service using one set of credentials for multiple applications

Question 14

What technologies are used in SSO?

Answer 14

• LDAP
• OAuth
• SAML

Question 15

What is Federation in IAM?

Answer 15

Sharing and using identities across multiple systems or organizations

Question 16

What does Privileged Access Management (PAM) involve?

Answer 16

• Just-in-Time (JIT) Permissions
• Password Vaulting
• Temporal Accounts

Question 17

What are the different Access Control Models?

Answer 17

• Mandatory Access Control
• Discretionary Access Control
• Role-based Access Control
• Rule-based Access Control
• Attribute-based Access Control

Question 18

What is the purpose of Provisioning in IAM?

Answer 18

Creating new user accounts, assigning permissions, and providing system access

Question 19

What does Deprovisioning mean in IAM?

Answer 19

Removing access rights when no longer needed

Question 20

What is Identity Proofing?

Answer 20

Verifying a user’s identity before creating their account

Question 21

What is Interoperability in IAM?

Answer 21

Ability of different systems, devices, and applications to work together and share information

Question 22

What is Attestation in IAM?

Answer 22

Validating that user accounts and access rights are correct and up-to-date

Question 23

What is the definition of Multi-Factor Authentication (MFA)?

Answer 23

A security system requiring multiple methods of authentication from independent categories of credentials

Question 24

What are the five categories of authentication for MFA?

Answer 24

• Something You Know
• Something You Have
• Something You Are
• Somewhere You Are
• Something You Do

Question 25

What is a Single Factor Authentication?

Answer 25

Uses one authentication factor to access a user account

Question 26

What is Two Factor Authentication (2FA)?

Answer 26

Requires two different authentication factors to gain access

Question 27

What is Passwordless Authentication?

Answer 27

An alternative to traditional passwords for authentication

Question 28

What are the five characteristics of Password Policies?

Answer 28

* Password Length * Password Complexity * Password Reuse * Password Expiration * Password Age

Question 29

What does Password Length refer to?

Answer 29

Longer passwords are harder to crack

Question 30

What does Password Complexity involve?

Answer 30

Combines uppercase and lowercase letters, numbers, and special characters

Question 31

What is the risk of Password Reuse?

Answer 31

Increases vulnerability

Question 32

What does Password Expiration require?

Answer 32

Users to change passwords after a specific period

Question 33

What are Password Managers?

Answer 33

Tools for storing and managing passwords securely

Question 34

What are some methods of Passwordless Authentication?

Answer 34

* Biometric Authentication * Hardware Token * One-Time Passwords (OTP) * Magic Links * Passkeys

Question 35

What are the types of password attacks?

Answer 35

* Brute Force * Dictionary * Password Spraying * Hybrid

Question 36

What is a Brute Force Attack?

Answer 36

Tries every possible character combination until the correct password is found

Question 37

What is a Dictionary Attack?

Answer 37

Uses a list of commonly used passwords to crack passwords

Question 38

What is Password Spraying?

Answer 38

Tries a few common passwords against many usernames or accounts

Question 39

What is a Hybrid Attack?

Answer 39

Combines elements of brute force and dictionary attacks

Question 40

What is the function of Single Sign-On (SSO)?

Answer 40

Allows users to access multiple applications with one set of credentials

Question 41

What protocols are used in Single Sign-On (SSO)?

Answer 41

* LDAP * OAuth * SAML

Question 42

What does Federation enable?

Answer 42

Use the same credentials for login across systems managed by different organizations

Question 43

What is the first step in the Federation Process?

Answer 43

User accesses a service or application and chooses to log in

Question 44

What is Just-In-Time (JIT) Permissions?

Answer 44

Grants administrative access only when needed for a specific task

Question 45

What does Password Vaulting do?

Answer 45

Stores and manages passwords securely

Question 46

What are Temporal Accounts?

Answer 46

Temporary accounts used for time-limited access to resources

Question 47

What is Mandatory Access Control (MAC)?

Answer 47

Uses security labels to authorize resource access

Question 48

What is Discretionary Access Control (DAC)?

Answer 48

Resource owners specify which users can access their resources

Question 49

What does Mandatory Access Control (MAC) use to authorize resource access?

Answer 49

Security labels ## Footnote MAC requires assigning security labels to both users and resources.

Question 50

In Mandatory Access Control, access is granted only if the user's label is _______ the resource's label.

Answer 50

equal to or higher than

Question 51

Who specifies which users can access resources in Discretionary Access Control (DAC)?

Answer 51

Resource owners ## Footnote DAC allows resource owners to grant access to specific users.

Question 52

What does Role-Based Access Control (RBAC) assign to users?

Answer 52

Roles ## Footnote RBAC assigns permissions to roles that mimic the organization's hierarchy.

Question 53

What is enforced by Role-Based Access Control?

Answer 53

Minimum privileges

Question 54

What does Rule-Based Access Control use to determine access?

Answer 54

Security rules or access control lists

Question 55

What type of access control considers user, environment, and resource attributes?

Answer 55

Attribute-Based Access Control (ABAC)

Question 56

What are some examples of User Attributes in ABAC?

Answer 56

* User’s name * Role * Organization ID * Security clearance

Question 57

What are some examples of Environment Attributes in ABAC?

Answer 57

* Time of access * Data location * Current organization's threat level

Question 58

What is the purpose of Time-of-Day Restrictions in access control?

Answer 58

Limits access based on specific time periods

Question 59

What does the Principle of Least Privilege state?

Answer 59

Users are granted the minimum access required to perform their job functions

Question 60

What can help prevent unauthorized access during non-working hours?

Answer 60

Time-of-Day Restrictions

Question 61

What defines the levels of access that users have?

Answer 61

Privileges

Question 62

What type of account allows high levels of access for administrative tasks?

Answer 62

Local Administration Account

Question 63

What can Standard User Accounts not do?

Answer 63

Change system settings

Question 64

What is User Account Control (UAC) designed to do?

Answer 64

Ensure actions requiring administrative rights are explicitly authorized by the user

Question 65

File and folder permissions can also apply to _______.

Answer 65

Groups of users

Question 66

How can you access file and folder permissions in Windows?

Answer 66

Right-click on a file or folder, select ‘Properties’, navigate to the ‘Security’ tab

Question 67

Always ensure to only give out the necessary _______.

Answer 67

Permissions