Week 1 Modules 1&2

Question 1

The process of establishing the identities of interacting parties in an electronic transaction with a certain level of confidence

Answer 1

Identity Management

Question 2

What are 3 reasons to having identity management?

Answer 2

Logical Access Control
Monitoring
Physical Access Control

Question 3

What is an entity?

Answer 3

Something with a separate and distinct existence that can be identified in context

Question 4

The following are examples of what?
Human, agency, object, users, devices
A. Attribute
B. Entity
C. Actor
D. None of the above

Answer 4

B. Entity

Question 5

A characteristic or property of an entity. Describes an aspect of an entity.

Answer 5

Attribute

Question 6

The following are examples of what?

SSN, VIN #, IPAddress, Make of a car

Answer 6

Attribute

Question 7

An attribute or set of attributes that uniquely identifies a subject (entity) within a domain or context.

Answer 7

Identity

Question 8

Environment where an entity uses a set of attributes for identification, and other purposes.
OR
Environment with defined boundary conditions in which entities exist and interact.

Answer 8

Domain/Context

Question 9

What is a digital representation of information known about a specific individual, group or organization.

Answer 9

Digital Identity

Question 10

What is identity information that unambiguously distinguishes one entity from another in a given domain?

Answer 10

Identifier

Question 11

________ is the process of recognizing an entity as distinct from other entities in a domain.

Answer 11

Identification

Question 12

_______ applies verification to claimed or observed attributes.

Answer 12

Identity Verification (Authentication)

Question 13

Evidence, during authentication, is called an ______

Answer 13

Authenticator

Question 14

The structure linking the identity and authenticator is called a ______.

Answer 14

Credential

Question 15

The validity of a credential involves verifying what?

A. Correctness
B. Integrity
C. Authenticity
D. Currency
E. Attributes
F. All of the above

Answer 15

A. Correctness
B. Integrity
C. Authenticity
D. Currency

Question 16

What does Authenticity mean?

Answer 16

issued by the correct authority

Question 17

What is correctness?

Answer 17

conformance to the rules pertaining to the type of credential

Question 18

______ is a subject whose identity is to be verified using one or more authentication protocols.

Answer 18

Claimant

Question 19

A _____ is an entity that checks a claimant’s identity by verifying the claimant’s possession and control of one or two authenticators, using an authentication protocol.

Answer 19

Verifier

Question 20

A category describing the strength of the authentication process.
A. Identity Access Assurance Level (IAAL)
B. Authentication Strength Level (ASL)
C. Authenticator Assurance Level (AAL)
D. None of the above

Answer 20

C. Authenticator Assurance Level

Question 21

________ is a defined sequence of messages that demonstrates the claimant has possession and control of a valid authenticators to establish their identity. Can demonstrates the claimant is communicating with the intended verifier.

Answer 21

Authentication protocol

Question 22

What is an Identity Media (Token)?

Answer 22

A device or object storing one or more credentials, claims, or attributes related to a single entity.

Question 23

The ________ is an entity that creates, assigns, maintains and issues identity and credentials. Can also be a verifier.

Answer 23

Identity Provider/Identity Information Provider (IdP)

Question 24

What is an identity assertion?

Answer 24

Statement made by an identity provider, used by a relying party for providing a service.
Proof of a successful authentication

Question 25

What is the level of assurance in the result of an identity verification/authentication?

Answer 25

Identity (authentication) assurance

Question 26

A _____ is authorized to enroll in an identity system and is authenticated for eligibility to access resources or services.

A. User
B. Subject
C. Principal
D. Actor

Answer 26

C. Principal

Question 27

The below are responsibilities of who?

1. Provide accurate identity information for enrollment
2. request to be identified and authorized for access
3. access to own information and request modification if needed

Answer 27

Principal

Question 28

The ____ performs identity verification or authentication.

A. Verifier
B. Authorizer
C. Enroller
D. None of the above

Answer 28

A. Verifier

Question 29

An entity that receives identity assertions from a verifier and relies on them for a purpose is the _____.

Answer 29

Relying party (RP)

Question 30

What are the phases of the Identity Management Lifecycle? (choose all)
A. Enrollment
B. Planning
C. Credential Management
D. Authentication
E. Monitoring

Answer 30

A. Enrollment
C. Credential Management
D. Authentication

Question 31

____ and _____ are the processes involved in the Enrollment Phase.

Answer 31

Identity proofing

Registration

Question 32

The Lifecycle management phase ____ is the collection of processes involved in making an entity known within a domain/context.

Answer 32

Enrollment

Question 33

______ is a form of authentication based on identity evidence that is performed as the condition for enrollment.
Could be a Birth Certificate, ID, Passport.

Answer 33

Identity Proofing

Question 34

The process of recording an entity's identity information in an identity register.
A. Enrollment
B. Registration
C. Recording
D. Identifier

Answer 34

B. Registration

Question 35

Processes in the ______ phase in the Lifecycle Management that enable an entity to join, participate in and terminate participation in a domain/context.

Answer 35

Credential Management

Question 36

The activities included in the Credential Management Phase of the Lifecycle include:
A. Issue
B. Bind
C. Verify
D. Revoke
E. Modify
F. Record-keeping

Answer 36

A. Issue
B. Bind
D. Revoke
F. Record-keeping

Question 37

According to ISO/IEC, the following are part of what phase in the Management Lifecycle?
Credential Creation, Issuance, Activation, Storage, Suspension, Revocation, Destruction, Renewel, Record-Keeping

Answer 37

Credential Management Phase

Question 38

The _____ phase of the Management Lifecycle includes the use of a protocol to demonstrate possession of a credential to establish confidence in a claim of identity.

Answer 38

Authentication (usage)