Ping

Question 1

What is orchestration?

Answer 1

A service that can put all applications and services together in a desired flow.

Automated workflows for different identity workflows.

Question 2

Orchestration Before?

Answer 2

Siloed apps and identity systems are impossible to tie into a seamless flow.

Question 3

Orchestration After?

Answer 3

Easily deliver user journeys across any vendor and any service in one canvas.

Question 4

How can orchestration improve Business Agility?

Answer 4

Reduce integrations and time/money. Time is limited. Get more done in less time.

Question 5

How can orchestration improve customer experience and engagement?

3

Answer 5

1) Drive engagement with better customer experience.
2) Drive revenue.
3) Build faster than competition.

Question 6

Key question to ask?

Orchestration

Answer 6

What would your ideal user experience look like?

Question 7

How can orchestration increase revenue?

6

Answer 7

1) # of customers
2) Improve Abandoment Metrics
3) RPU
4) Customer Engagement (time/visits)
5) Time to Market - Changes
6) # of new digital products

Question 8

Orchestration vendors out there?

3

Answer 8

1) Strata (Strong Microsoft Relationship - Identity Orchestration built for teams that need modern security for multi-cloud.
2) Jumio (The KYX Platform lets you orchestrate the controls and assurances you need to instill trust in your online channels, meet AML/KYC compliance and fight fraud and financial crime.
3) Alloy Alloy is the global Identity Decisioning Platform that helps banks and fintech companies automate their decisions for onboarding, transaction monitoring and credit underwriting.)

Question 9

How can orchestration improve operating expense?

7

Answer 9

1) Development Costs
2) Recurring maintenance costs related to customer experience changes
3) Compliance expenditures and fines
4) Security expenditures and fines
5) Customer privacy and trust expenditures and losses
6) Time between IAM team and digital team.
7) Call center costs

Question 10

What are the 3 why’s?

3

Answer 10

1) Why change?
2) Why now?
3) Why Ping?

Question 11

Name a BPO orchestration provider.

Answer 11

ServiceNow

*can orchestrate IAM use cases as well

Question 12

How does Ping reach across digital transformation efforts?

3

Answer 12

1) Do it yourself Cloud
2) Hosted Privat Cloud
3) Identity-as-a-Service

Question 13

Ping Major Competitors?

5

Answer 13

1) ForgeRock
2) Okta
3) Auth0
4) Transmit
5) Microsoft

Question 14

What is least privilige?

Answer 14

Limits users’ access rights to only what are required to do their jobs.

Question 15

What is Zero Trust?

Answer 15

1) Its where trust is constantly evaluated and reasserted.

Question 16

Adaptive Authentication

Before?

Answer 16

Inconsistent authentication policies, password sprawl, MFA fatigue.

Question 17

Adaptive Authentication

After Ping?

Answer 17

Consistent central authentication & SSO that intelligentily steps up based on risk signals.

Question 18

Dynamic Authorization

Before?

Answer 18

Users being given more static, role-based access privileges than they need.

Question 19

Dynamic Authorization

Before?

Answer 19

Users being given more static, role-based access privileges than they need.

Question 20

Dynamic Authorization

Before?

Answer 20

Users being given more static, role-based access privileges than they need.

Question 21

Dynamic Authorization

Before?

Answer 21

Users being given more static, role-based access privileges than they need.

Question 22

Dynamic Authorization

Before?

Answer 22

Users being given more static, role-based access privileges than they need.

Question 23

Dynamic Authorization

After Ping?

Answer 23

Real-time, fine-grained access that enables Zero Trust security, but is invisible to users.

1) Protect URLs
2) Filter data coming back from API requests
3) Have RBAC
4) Have ABAC

Question 24

Single View of Customer

Before?

Answer 24

User data scattered across the enterprise, disjointed multi-channel experience.

Question 25

Single View of Customer

After Ping?

Answer 25

A unified profile through bi-directional synchronization helps you delight users.

Question 26

Account Registration & Protection

Before?

Answer 26

Fraudsters imprersonating legitimate users before and after account creation.

Question 27

Account Registration & Protection

After Ping?

Answer 27

Detect fraud and add extra verification, even before a user has registered or logged in.

Question 28

First Meeting Goals Building Blocks?

4

Answer 28

1) Which part of the user lifecycle is their focus?
2) Workflows that currenlty exist(users, directories,applications,sizes)
3) Impact
4) Business value

Question 29

Workforce Identity Business Value

3

Answer 29

1) Productivity
2) Assets Secure
3) More Agility

Question 30

Where is PingOne for Enterprise deployed?

Answer 30

It is cloud based.

Question 31

What is PingOne for Enterprise?

Answer 31

1) A cloud identity platform that orchestrates adaptive authentication and access to connect employees across any application, and directory and any device.
2) Provides a centrally managed authentication authority ( A hub that provides access controls to enable seamless, consistent experiences for your workforce, while paving the way to Zero Trust.

Question 32

What are the key features of PingOne for Workforce/

Answer 32

1) Authentication Authority
2) Orchestration that lets you design frictionless, secure employee access by integrationg all your chosen identity vendors and business apllications with workflows.
3) SSO and MFA for employees, partners and more
4) Centralized management portal
5) Single source of truth cloud directory

Question 33

Business value of PingOne for Workforce?

Answer 33

1) SSO - frictionless, passwordless, and consistent authentication experience across all app environments.
2) Enable Zero Trust Security - limit account comprimise with MFA. Add adaptive and contextual policies to assess risk in the background to reduce login friction.
3) Keep Pase With Business Needs - rapidly onboard apps and quickly respond to business needs with centralized management, self-service and delegated authentication capabilities.

Question 34

PingOne for Workforce Capabilities and Benefits

Answer 34

1) No-code Identity Orchestration
2) SSO
3) Adaptive Multi-Factor Authentication
4) Single Source of Truth
5) Centralized Access Security
6) Employee Dock
7) Unified Administration

Question 35

What type of connections to applications for PingOne for Workforce?

Answer 35

1) SAML
2) OIDC
3) Mobile
4) Singlepage apps
5) API’s

Question 36

What can PingOne for Enterprise be for Ping Access?

Answer 36

A token provider

Question 37

What is PIngFederate?

Answer 37

Software deployed in your own data center or cloud that provides user authentication and SSO.

Question 38

What can PingFederate integrate with?

Answer 38

1) All major web application servers and virtualization platforms.
2) Office 365 and Azure AD Connect
3) LDAP enabled applications
4) Legacy web access mamagement solutions
5) Directory servers
6) MDM providers
7) Multi-factor services

Question 39

What is authentication with intelligence?

Question 40

What did PingOne SSO used to be called?

Answer 40

PingOne for Customers

Question 41

What is PingOne SSO?

Answer 41

1) Both workforce and customer use cases
2) Identity Provider
3) SAML, OIDC and OpenID Connect capabilities
4) Own Directory
5) Some MFA
6) Integrates with MFA, Risk, Authorize, PingID, Verify
7) Application catalog is coming
8) Front end for any SAML or OIDC provider
9) Can be a token provider for PingAcces

Question 42

With PingOne SSO you can deliver?

Answer 42

1) Better user experience (SaaS, mobile, cloud, and enterprise apps with one set of credentials)
2) Stronger security (one password)
3) Lower IT Costs (help desk)

Question 43

With PingOne Verify you can deliver?

Question 44

What is PingOne Verify?

Answer 44

Is a cloud-based customer identity verification service.

Question 45

What can I do with PingOne Verify mobile SDK?

Question 46

What capabilities does Ping API Intelligence offer?

Answer 46

1) API traffic visibility and automated API discovery
2) Artificial intelligence to learn traffic on each API
3) Automated attack blocking
4) Dashboards and in-depth reports for audits, plus forensic and governance reports

Question 47

How does API Intelligence work?

Answer 47

1) In-depth traffic visibility
2) Learn API traffic behavior
3) Detect and block attacks

Question 48

How does Registration help?

Answer 48

1) Make it easy to acquire and add new customers
2) Make it easy to get started
3 Give customers best-in-class, self services
4) Allow your users to register and sign on using social media providers

Question 49

What does PingOne Risk deliver?

Answer 49

1) Make more intelligent authentication decisions
2) Deliver a frictionless user experience while thwarting bad actors from gaining access
3) Real-time risk signals and behaviors help you achieve stronger authentication
4) Aggregates signals to determine if access should be approved, denied or stepped up

Question 50

How does PingOne Authorize help?

Answer 50

1) Centrally enforce contextual, fine-grained access policies
2) Enable real-time, continuous authorization based on ever-changing attributes instead of static ones
3) Protect consumer PII for regulatory compliance, privacy management and user consent
4) Externalize authorization policies for data owners and stakeholders

Question 51

With PingOne Fraud you can deliver?

Answer 51

1) Online fraud detection in real-time
2) Catch previously undetected fraud attacks such as bots, account takeover and new account fraud
3) Behavior biometrics improve customer experience by reducing security events like CAPTCHA
4) Prevent losses by detecting suspicious behavior before the transaction, even without login

Question 52

What are the primary features of PingAccess?

Question 53

Name 3 of Ping’s on premise services that can act as a policy/decision maker.

Answer 53

1) PingFederate
2) PingAuthorize
3) PingAccess

Question 54

How does PingOne DaVinci deliver rapid deployment?

Answer 54

1) Collapse thousands of lines of code into a single API call
2) Enable business & IT teams to collaborate on a single canvas
3) Run test in your actual customer environment via an embeddable widget

Question 55

How does PingOne DaVinci deliver coverage for all identity use cases?

Answer 55

1) It includes fraud detection, verification, authentication, authorization, and more
2) Vender agnostic support for various applications, including IGA, IAM, SIEM and more

Question 56

How does PingOne DaVinci deliver a seamless, secure user experience?

Answer 56

1) Library of 100+ out-of-the box connectors
2) Low-code flows with a drag-and-drop interface
3) Rapid A/B testing to determine optimal user journeys

Question 57

What is PingOne?

Answer 57

An IDAAS SSO offering that enables enterprises to give their users federated access to any application with a single click from a secure, cloud-based dock, accessible from any browser or mobile device.

Question 58

Protocol HTTPS

Answer 58

Browser speak

Question 59

Protocol API

Answer 59

1) Software speak

2) Can be used instead of other protocols to look up users, get attributes, authenticate and authorize

Question 60

Protocol LDAP

Answer 60

Directory

Question 61

Protocol SQL

Answer 61

Database

Question 62

Protocol SCIM

Answer 62

Provisioning

Question 63

Protocol SAML

Answer 63

Open standard for authentication and attribute delivery. Asserts the end user is authenticated and send attributes. Will always be between an authetication service and a service provider (SP)

Question 64

Protocol WS-FED/WS-Trust

Answer 64

Microsoft’s SAML - Authentication and attribute delivery

Question 65

Protocol OAUTH

Answer 65

Authorization

Question 66

Protocol OIDC (OpenID Connect)

Answer 66

OAuth, but also with authentication and attribute delivery

Question 67

Protocol Kerberos

Answer 67

PC login is used for SSO

Question 68

Protocol Radius

Answer 68

VPN authentication

Question 69

Protocol FIDO2

Answer 69

Passwordless authentication

Question 70

What is an IDP?

Answer 70

Identity Provider, a service that authenticates the user and provides attributes, in an assertion, to the service provider (SP) or application.

Question 71

What is a SP?

Answer 71

Serive Provider/Relying Party, a service that receives assertion and extracts the attributes for application use

Question 72

Describe a common SAML flow

Answer 72

1) User enters credentials
2) IDP confirms credentials against available identity sources
3) IDP issues token for SAML assertion
4) User is provided access to the Service Provider (SP)

Question 73

Describe the steps to create an accurate Ouath flow

Answer 73

1) Client sends request to Auth Server
2) Server verifies identity (Authentication) and provides AuthZ for user
3) Tokens returned and sent to resource server
4) Appropriate APIs or information is made available to the user

Question 74

What does an authorization server offer?

Answer 74

Its a service that prompts for permission to access and is responsible for granting access tokens after the user authorizes the application

Question 75

What is JSON?

Answer 75

1) JavaScript Object Notation

2) Its a way to organize data and is used a lot in APIs

Question 76

What is REST?

Answer 76

1) Representational State Transfer
2) A set of guidelines that can be implemented as needed, making Rest APIs faster and more lightweight, with increased scalability

Question 77

What is SOAP?

Answer 77

1) Simple Object Access Protocol
2) Has specific requirements like XML messaging, and built-in security and transaction compliance that make it slower and heavier

Question 78

What is JIT (Just in Time) provisioning?

Answer 78

1) Extends SAML protocol
2) If an authenticated user doesnt have an account at the application side, the application can automatically add them with the attributes from the IDP.
3) JIT provisioning automates account creation

Question 79

What is SCIM (System for Cross-domain Identity Management)?

Answer 79

1) SCIM automates provisioning, deprovisioning, and management

Question 80

What is an Access Gateway?

Answer 80

Think of it as a real gate with a guard who only allows people in who are authorized

Question 81

What is an authorization service?

Answer 81

Think of it as a filter that only lets data you’re allowed to see through.

Question 82

What is the correct order of the user journey?

Answer 82

1) Unknown
2) Known
3) Authenticated
4) Authorized
5) Terminated

Question 83

What are the principal use cases?

6

Answer 83

1) Orchestration
2) Account Registration & Protection
3) Adaptive Authentication
4) Dynamic Authorization
5) Single View of the Customer
6) Cloud Migration

Question 84

What entities impact user experience by giving information about the user to a decision maker?

Answer 84

Services

Question 85

What are the steps in a common SAML flow?

Answer 85

1) User enters credentials
2) IdP confirms credentials against available identity sources
3) IdP issues token for SAML assertion
4) User is provided access to the service provider

Question 86

What are the steps for a accurate OAuth flow?

Answer 86

1) Client sends request to Auth Server
2) Server verifies (AuthN) and provides AuthZ for user
3) Tokens returned and sent to a resource server
4) Appropriate APIs or information is made available to the user

Question 87

What is a Token?

Answer 87

An object that shares information securely

Question 88

What are APIs traditionally used for?

Answer 88

Allows two applications to talk to each other and send requests

Question 89

What is LDAP used for?

Answer 89

A protocol for accessing directories

Question 90

Why would you use MFA?

Answer 90

1) Extra security for user login
2) Require step-up based on geography
3) Further secure apps with additional policies

Question 91

What are the advantages to having an orchestration tool?

Answer 91

1) Less work for developers
2) View the entire user experience in one place
3) Less custom code
4)

Question 91

What are the advantages to having an orchestration tool?

Answer 91

1) Less work for developers
2) View the entire user experience in one place
3) Less custom code
4)

Question 92

In the CIAM use case, how do users get entered into the directory?

3

Answer 92

1) . Self-service registration
2) Progressive Profiling
3) Synced from another directory

Question 93

What are the steps for identity verification?

4

Answer 93

1) . Take a selfie
2) Take a picture of the government ID
3) Submit the images to Ping’s verification service for matching
4) Receive the verification status

Question 94

When can fraud be detected?

Answer 94

All the time. Anywhere in the user journey.

Question 95

What can make a decision based on a risk score?

3

Answer 95

1) An orchestration platform
2) A policy
3) An application

Question 96

What are the most common authentication standards?

2

Answer 96

SAML and OIDC

Question 97

What is the use case PingID is used for?

Answer 97

Its an MFA service for only CIAM

Question 98

What can translate the scores from the PingOne services (Risk, Fraud, Verify) into action?

3

Answer 98

1) . The application
2) PingFederate (workforce solution)
3) PingOne DaVinci

Question 99

What does Ping Access deliver?

Answer 99

1) Access policies by URL
2) Protect API endpoints
3) Works with JWT tokens

Question 99

What does Ping Access deliver?

Answer 99

1) Access policies by URL
2) Protect API endpoints
3) Works with JWT tokens

Question 100

What Ping products deliver SSO?

3

Answer 100

1) PingOne
2) PingOne for Enterprise
3) PingFederate

Question 101

What Ping products provide MFA?

2

Answer 101

1) PingOne MFA

2) PingID

Question 102

What does an identity provider do?

Answer 102

An identity provider (IdP) is a system component that provides an end user or internet-connected device with a single set of login credentials that ensures the entity is who or what it says it is across multiple platforms, applications and networks.

Question 103

What is PingID most used for?

Answer 103

Workforce Users

Question 104

What is PingOne MFA mostly used for?

Answer 104

CIAM

Question 105

What are the features of PingOne DaVinci?

Answer 105

1) 100s of out of the box connectors
2) Can orchestrate non-identity flows not connected to Ping
3) Low-code platform to help facilitate API calls
4) Drag-and-drop interface for business and IT teams to collaborate on

Question 106

What are features of PingDirectory?

Answer 106

1) . User management APIs
2) Consent APIs
3) LDAP-based
4) Software you can deploy anywhere

Question 107

PingCentral

Answer 107

Delegated Admin for environment management.

It enables self-service, delegated administration for business users to integrate their own applications and APIs and consume centralized identity services.