Lesson 8 Implementing Identity and Account Management Controls Flashcards

1
Q

How does single-sign-on work?

A

the user authenticates to an identity provider (IdP) and receives a cryptographic token. The user can present that token to compatible applications as proof they are authenticated, and receive authorizations from the application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is an Identity Provider?

A

The service that provisions the user account and processes authentication requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is an Exit interview or Off-Boarding process?

A

The process of ensuring that an employee leaves a company gracefully

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Name the processes of the Offboarding process

A
  1. Account management - Disable the user account and privileges and ensure that any info assets created by the user are able to be accessed
  2. Company assets - retrieve mobile devices, keys, smart cards, USB media, and so on
  3. Personal assets - Wipe employee devices of corporate data and applications
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a default account?

A

One that is created by the operating system or application when it is installed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is another name for default account?

A

Admin in Windows

Root/Super User in Linux

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are service accounts

A

A host or network account that is designed to run a background service, rather than to log on interactively

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does the local system account do

A

Creates the host processes that start Windows before the user logs on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does the local Service account do

A

Has the same privileges as the standard user account. It can only access network resources as an anonymous user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Describe the Network Service Account

A

has the same privileges as the standard user account but can present the computer’s account credentials when accessing network resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a SSH Host key pair

A

Identifies an SSH server. he server reveals the public part when a client connects to it. The client must use some means of determining the validity of this public key. If accepted, the key pair is used to encrypt the network connection and start a session.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a SSH user key pair

A

a means for a client to login to an SSH server. The server stores a copy of the client’s public key. The client uses the linked private key to generate an authentication request and sends the request (not the private key) to the server. The server can only validate this request if the correct public key is held for that client.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What two things can allow you to find the geolocation of a user

A

Ip-address and Location Services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Geo-fencing?

A

the practices of creating a virtual boundary based on real-world geography and accepting and rejecting requests based on location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a Time of Day policy?

A

Policies or configuration settings that limit a user’s access to resources. and establishes logon hours for an account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is usage auditing?

A

Configuring the security log to record key indicators and then reviewing the logs for suspicious activity

17
Q

What are some categories of Usage audits

A
Account logon and management events
Process creation
Object access (file system/file share)
Changes to audit policy
Changes to system security and integrity (antivirus, host firewall, and so on)
18
Q

What is Discretionary Access Control (DAC)

A

Access control model where each resource is protected by an Access Control List (ACL) managed by the resource’s owner (or owners).

19
Q

What is Role Based Access Control (RBAC)

A

An access control model where resources are protected by ACLs that are managed by administrators and that provide user permissions based on job functions.

20
Q

What is Mandatory Access Control (MAC)

A

Access control model where resources are protected by inflexible, system-defined rules. Resources (objects) and users (subjects) are allocated a clearance level (or label).

21
Q

What is Attribute Based Access Control (ABAC)

A

An access control technique that evaluates a set of attributes that each subject possesses to determine if access should be granted.

22
Q

What is Rule-based access control

A

A non-discretionary access control technique that is based on a set of operational rules or restrictions to enforce a least privileges permissions policy.

23
Q

What are three types of rule-based / non discretionary access controls

A

ABAC, MAC, and RBAC

24
Q

What is Conditional access and how does it work

A

An example of rule-based access control. Monitors account or device behavior throughout a session

25
Q

What is Privileged access management (PAM)

A

Policies, procedures, and support software for managing accounts and credentials with administrative permissions.

26
Q

What is Directory Services

A

A network service that stores identity information about all the objects in a particular network, including users, groups, servers, client computers, and printers.

27
Q

What is a Distinguished Name (DN)

A

A unique identifier for any given resource within an X.500-like directory

28
Q

What is Federation?

A

A process that provides a shared login capability across multiple systems and enterprises. It essentially connects the identity management services of multiple systems.

29
Q

What are the steps of federated identity management process?

A
  1. The user attempts to access a service provider (SP), The service provider redirects the principal to the Identity Provider (IDP) to authenticate
  2. The principal authenticates with the identity provider and obtains an attestation of identity, in the form of some sort of token or document signed by the IDP.
  3. The principal presents the attestation to the service provider. The SP can validate that the IdP has signed the attestation because of its trust relationship with the IdP
  4. The service provider can now connect the authenticated principal to its own accounts database. It may be able to query attributes of the user account profile held by the IdP, if the principal has authorized this type of access.
30
Q

What is Security Assertion Markup Language (SAML)

A

An XML-based data format used to exchange authentication information between a client and a service

31
Q

What is Simple Object Access Protocol (SOAP)

A

An XML-based web services protocol that is used to exchange messages.

32
Q

What is Open Authorization (OAuth) Protocol?

A

Standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider.

33
Q

What is Code of Conduct/ Rules of behavior

A

expected professional standards