Week 1 Module 3

Question 1

A _______ is a unique representation of a subject engaged in an online transaction.
A subject may have multiples for different contexts/domains (IE: Email and online banking)

Answer 1

Digital Identity

Question 2

The \_\_\_\_\_ involves processes and entities involved in creating digital identities and using them for authentication of subjects for online transactions.
A. Online Access Model
B. Online Identity Model
C. Digital Identity Model
D. Digital Access Model

Answer 2

C. Digital Identity Model

Question 3

What are the 4 processes that make up the Digital Identity Model?

Answer 3

Enrollment/identity proofing
Credential Issuance
Authentication
Lifecycle Management Process

Question 4

When a subject (applicant) seeks a digital identity for a service is is applying to an entity called the _________.

A, Digital Service Provider
B. Credential Service Provider
C. Identity Service Provider
D. None of the above

Answer 4

B. Credential Service Provider

Question 5

_______ establishes that a subject is actually who they claim to be.

Answer 5

Identity Proofing

Question 6

To help reduce errors in identity proofing there are 3 _________ associated with this process.
A. Identity Assurance Levels
B. Identity Proofing Levels
C. Digital Identity Levels

Answer 6

A. Identity Assurance Levels

Question 7

How many levels are there in the Identity Assurance Levels?

Answer 7

3

Question 8

Which Identity Assurance Level (IAL) requires NO evidence?

Answer 8

IAL1

Question 9

In the Digital Identity Model, what is the process that follows the Enrollment/Identity Proofing Process?

Answer 9

Credential Issuance Process

Question 10

In the Credential Issuance Process, the CSP creates an ______ and binds them to one or more ________ to create a Credential.

Answer 10

identifier

authenticators

Question 11

An applicant becomes a \_\_\_\_\_ when issued credentials.
A. User
B. Subject
C. Subscriber
D. Enrollee

Answer 11

C. Subscriber

Question 12

Enrollment, identity proofing and credential issuance may be delegated by the CSP to the _______.

Answer 12

Registration Authority (RA) or Identity Manager (IM)

Question 13

A ______ occurs and starts the _____ process.

Answer 13

authentication event

authentication

Question 14

A ______ is a subscriber wanting to get their identity verified to access a digital service.

A. User
B. Claimant
C. Requester
D. None of the above

Answer 14

B. Claimant

Question 15

The ______ is the entity that checks to make sure the identity is correct.

Answer 15

Verifier

Question 16

A ___________ is the sequence of messages that enable a claimant to show possession and control of 1 or more authentictors to a verifier.

Answer 16

authentication protocol

Question 17

The authentication process’ strength is measured by what metric?

Answer 17

Authentication Assurance Level (AAL)

Question 18

Based on authentication, the verifier (or CSP) generates an assertion and send it to the ______, who either provides the digital service or its agent.

Answer 18

Relying Party (RP)

Question 19

T/F: If authentication is good, a session between the subscriber and relying party is established to provide the service requested.

Answer 19

True

Question 20

In a ______ architect, the RP outsources all identity proofing attribute collection and attribute storage to a CSP.

Answer 20

federated identity architecture

Question 21

The ______ is the protocol for conveying the assertion from the verifier (or CSP) to the Relying Party (RP)

A. verification protocol
B. assertion protocol
C. assurance protocol

Answer 21

B. assertion protocol

Question 22

The strength of the assertion protocol is expressed as ______, for which there are 3 levels.

Answer 22

Federation Assurance Level (FAL)

Question 23

The activities the CSP performs to maintain the credential, its status, and the enrollment data collected for the Credential is called what?

A. Lifecycle Management Process
B. Credential Management Process
C. Credential Lifecycle Process
D. None of the above

Answer 23

A. Lifecycle Management Process