Section 17 - Identity and Access Management

Question 1

What are few ways to protect passwords?

Answer 1

1. Password Managers
2. Passkeys
   etc

Few ways for going password-less -

1. Magic link - gives access through the link
2. OTP
3. Biometric autentication
4. Hardware token

Question 2

What are Spraying attacks on passwords?

Answer 2

It is an attack in which an attacker might have one or a small number of known passwords and it will try this password or a small set of passwords against a large number of usernames/emails to gain unauthorized access.

Question 3

What is LDAP?

Answer 3

LDAP stands for Light Weight Directory Access Protocol.
It is a protocol with which we can query Active Directory and can use this protocol to create, and manage the Active directory directory database.
We can also use this protocol for authentication and authorization, and can implement SSO with it.

Question 4

What is OAuth?

Answer 4

Oauth stands for open authorization in which we give authorization to a third party to share our information like name, email, profile picture etc.

Question 5

What is PAM (Privilege Access Management)?

Answer 5

It refers to policies, procedures and controls that are used to prevent malicious abuse of privilege accounts.

It consist of 3 principles -
1. Just-in-time permissions
2. Password vaulting - like cyberarc
3. Temporal accounts