Identity and account management Flashcards
What is an IdP?
Identity Provider
This is a 3rd party service for authentication in the cloud.
Think of this as “authentication as a service”
This is responsible for identifying and controlling users based on what their username might be and what devices they might be using.
Uses standard authentication methods such as SAML, Oauth, and OpenID connect.
When it comes to identity and authentication what is an attribute?
An identifier or property of an entity.
Personal attributes could be someones name, email address, phone number, employee ID
Other attributes might be things like department name, job title, etc.
One or more attributes can be used to identify a specific person.
What is a shared account?
An account used by more than one person.
If you have a guest login or an anonymous login this is an example of a shared account.
What is a guest account?
Access to a system for guests.
Limited access to most areas of the computer.
No access to change settings, modify applications, view other peoples files, etc.
Usually no password.
This is a significant security risk.
What is a service account?
This is an account that doesn’t log in interactively(hopefully).
Used exclusively by services running on the computer. (web server, database server, etc)
Access can be defined for a specific service, web servers will have different perms than databases.
Commonly use usernames and passwords.
What are privileged accounts?
administrator/root
These accounts have complete access to the operating system.
They can change core files and modify the kernal of the system, anything.
This account should not be used for normal administration, not for normal use.
This account should be strongly secured (strong password, 2FA, scheduled password changes)
