SailPoint Flashcards
What is SSO?
Single Sign-On (SSO) is an authentication mechanism that allows users to log in once and access multiple applications without re-entering credentials. It improves security by reducing password fatigue and centralizing authentication through an identity provider (IdP) like Okta, Microsoft Entra ID, or SailPoint. SSO uses protocols like SAML, OAuth 2.0, and OpenID Connect to securely grant access while enhancing user experience and compliance.
What is SailPoint CIEM?
SailPoint’s Cloud Infrastructure Entitlement Management (CIEM) enhances identity governance by providing a deeper view into the effective access of entitlements to resources and your users’ entitlement activity in your cloud infrastructure.
What is SailPoint’s ISC?
Identity Security Cloud (ISC) is a unified, multi-tenant identity governance and security platform. ISC provides organizations with the ability to ensure that their users, known as identities in ISC, have secure access to different data sources, and it makes identity access management fast and easy.
What is KBA?
Knowledge-Based Authentication (KBA) is a security method that verifies a user’s identity by asking them to answer predefined or dynamically generated questions based on personal knowledge. It is commonly used in account recovery and identity verification. KBA can be static (fixed questions like “What is your mother’s maiden name?”) or dynamic (real-time questions based on public records or transaction history). While convenient, KBA is increasingly seen as insecure due to data breaches and social engineering risks.
In the context of insider trading, what is “material information”?
Material information in insider trading refers to non-public information that could significantly impact a company’s stock price if disclosed. This includes earnings reports, mergers, acquisitions, leadership changes, or major business developments. Trading on such information before it’s public is illegal.
What is OLAP in software development?
OLAP (Online Analytical Processing) is a technique used for fast, multidimensional analysis of large volumes of data, often used in reporting, auditing, and decision-making.
What is the CQRS pattern?
CQRS (Command Query Responsibility Segregation) is a design pattern that separates read operations (queries) from write operations (commands) to improve scalability, performance, and maintainability.
What is DBT?
DBT, aka data-build-tool, is an open-source command-line tool and cloud platform that enables analytics engineers and data teams to transform raw data into clean, modeled datasets inside a data warehouse using SQL and version control.
What is an Airflow DAG?
In Apache Airflow, a DAG stands for Directed Acyclic Graph. It is a collection of tasks with defined dependencies and execution order, used to represent a workflow or pipeline.
What is Kafka?
Apache Kafka is a distributed event streaming platform used to build real-time data pipelines and event-driven applications. It was originally developed by LinkedIn and is now an open-source project maintained by the Apache Software Foundation.
What is Jenkins?
Jenkins is an open-source automation server used to implement Continuous Integration (CI) and Continuous Delivery (CD) in software development.
What is c3p0?
c3p0 is an open-source JDBC connection pooling library for Java. It helps manage database connections efficiently by reusing existing connections instead of opening a new one for every query.
What is SailPoint AIC?
Access Intelligence Center (AIC) allows you to discover key insights into your identity and administration program. You can view and create dashboards to customize the data you view.
What is GDPR?
General Data Protection Regulation
What are the foundational principles of Privacy by Design?
- Proactive not Reactive; Preventative not Remedial
- Privacy as the Default Setting
- Privacy Embedded into Design
- Full Functionality; Positive-Sum, Not Zero-Sum
- End-to-End Security; Full Life Cycle Protection
- Visibility and Transparency - Keep it Open
- Respect for User Privacy - Keep it User-Centric
What are the Fair Information Practices (FIPs)?
- Consent
- Accountability
- Purpose Specification
- Collection Limitation
- Use, Retention and Disclosure Limitation
- Accuracy
- Security
- Openness
- Access
- Compliance