Identity - the primary security perimeter

Question 1

What is an identity?

Answer 1

Things that define/characterize a person or something

Question 2

What can identity be associated with?

Answer 2

User
application
device
Other

Question 3

What are the four pillars of identity infrastructure?

Answer 3

Administration - creating/managing identities for users, devices and services
Authentication- proving a person is who they say they are
Authorization - deciding what that person can do
Auditing - tracking who does what/ reports and alerts

Question 4

What are the 3 entities of modern authentication?

Answer 4

Servers
Clients
Identity providers (IdP)

Question 5

What is the use of an Identity Provider (IdP)?

Answer 5

they create, maintain and manage identity information while offering authentication, authorization and auditing services

Question 6

What is the role of a token given to the client by the IdP?

Answer 6

the security token is given to the client (mobile/laptop) and is then sent to the server. The server then validates the security token via its “trust relationship” with the IdP.
The token allows the user/application to access the requested resources

Question 7

What is an example of a cloud based IdP?

Answer 7

Microsoft Entra ID

Question 8

What is single sign on (SSO)?

Answer 8

user is able to log in once with one set of credentials that will allow access to multiple applications or resources

Question 9

What is the term given to SSO between multiple IdPs?

Answer 9

Federation