Terms

Question 1

Memorandum of Understanding

Answer 1

Usually a preliminary or exploratory agreement to express an intent to work together.

Question 2

Service License Agreement

Answer 2

A contractual agreement setting our the detailed terms under which an ongoing service is provided.

Question 3

Identity and Access Management

Answer 3

The process of protecting how users and devices are represented in the organization, as well as how users and devices are granted access to resources based on this representation.

Question 4

Provisioning

Answer 4

Creating an account and giving a user authorization to use a particular application or file

Question 5

Deprovisioning

Answer 5

Removing authorization or disabling an account

Question 6

Privilege Management

Answer 6

Policies that describe what accounts should be able to do on a system and the technical controls to enforce the policies

Question 7

Access Control

Answer 7

The control of access to system resources after a user’s account credentials and identity have been authenticated and access to the system has been granted.

Question 8

Discretionary Access Control

Answer 8

The owner of the file/folder has rights to assign permissions to the file/folder. Most permissive option.

Question 9

Role-based access control

Answer 9

A set or organizational roles are assigned to which permissions are granted. Users are assigned a role to receive access.

Question 10

Attribute-based access control

Answer 10

Access decisions are based on a combination of subject and object attributes as well as any context-sensitive or system-wide attributes.

Question 11

Mandatory access control

Answer 11

Resources are assigned a clearance level and users have access to anything at their clearance level and below.
Permissions are assigned by system owner and users have no control over permissions,