ISC2 CISSP - Identity and Access Management (IAM) Flashcards
ISC2 CISSP Flashcards

| Front | Back |
| --- | --- |
| Challenges of password-based authentication | Vulnerable to guesswork, brute-force attacks, and poor user management practices. |
| Difference between DAC and MAC | Discretionary Access Control allows data owners to set permissions, Mandatory Access Control enforces permissions based on policies. |
| Key components of IAM | Identification, Authentication, Authorization, Accountability. |
| Purpose of access control mechanisms | To restrict and manage user access to resources based on policies. |
| Types of authentication factors | Knowledge (something you know), Possession (something you have), Inherence (something you are), Location, Behavior. |
| What does AAA stand for in security | Authentication, Authorization, and Accounting. |
| What does SSO stand for | Single Sign-On. |
| What is ABAC | Attribute-Based Access Control, assigns access based on attributes like user, resource, or environment. |
| What is an access control list (ACL) | A list defining the permissions for various users or systems to access a resource. |
| What is authentication | The process of verifying the identity of a user or system. |
| What is authorization | The process of determining access rights and permissions for an authenticated user. |
| What is cookie-based session management | Using cookies to maintain state and memory of user sessions. |
| What is de-provisioning | The process of removing access and disabling accounts when no longer needed. |
| What is identity federation | Linking a user's digital identity across multiple systems or organizations. |
| What is identity proofing | The process of verifying identity during enrollment or account creation. |
| What is Just-In-Time (JIT) access | Providing temporary access to resources as needed for specific tasks. |
| What is Kerberos | A network authentication protocol using tickets to securely manage credentials. |
| What is LDAP | Lightweight Directory Access Protocol, used to access and manage directory information. |
| What is MFA | Multifactor Authentication - using two or more factors for authentication. |
| What is provisioning | The process of creating and enabling user accounts and access rights. |
| What is proximity-based authentication | Authentication using physical closeness, often via tokens or smart cards. |
| What is RBAC | Role-Based Access Control, assigns access based on roles within an organization. |
| What is the goal of Identity Governance | To ensure identities are managed properly and comply with policies. |
| What is the principle of least privilege | Grant users only the access necessary to perform their job functions. |
| What is the purpose of a digital certificate | To verify identity and establish trust, often in PKI systems. |
| What is the purpose of a directory service | To store and manage information about users and resources in a network. |
About the Flashcards
Flashcards for the ISC2 CISSP exam give you a quick-hit way to review essential identity and access management (IAM) terminology. Each card distills definitions and core ideas so you can test recall of authentication steps, authorization decisions, and the security frameworks that bind them together.
Topics span multifactor and proximity-based login methods, SSO, Kerberos, and directory protocols like LDAP. You will revisit access control models (DAC, MAC, RBAC, and ABAC) alongside least privilege, identity federation, JIT access, provisioning life-cycle tasks, and governance controls that keep accounts compliant. Use them for fast pre-exam reinforcement or on-the-go drilling.
Topics covered in this flashcard deck:
- Authentication & MFA
- Access control models
- Single Sign-On & federation
- Directory services protocols
- Provisioning & de-provisioning
- Identity governance