Identity and Access Management Terms and Concepts Flashcards
Acronym | Definition |
---|---|
What is multi-factor authentication (MFA)? | MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction. |
Define biometrics in the context of authentication. | "Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity." |
What is single sign-on (SSO)? | SSO is an authentication process that allows a user to access multiple applications with one set of login credentials. |
Explain the concept of role-based access control (RBAC). | RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. |
What is identity federation? | Identity federation is the practice of linking a single digital identity and its characteristics across multiple systems or organizations. |
Define privileged access management (PAM). | "PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers." |
What are access control lists (ACLs)? | "ACLs are a set of rules that allow or deny access to network resources, based on user identities or other criteria." |
What is the principle of least privilege? | The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions. |
Describe the concept of attribute-based access control (ABAC). | "ABAC is an access control method where access rights are granted based on attributes, such as user role, department, and security clearance level." |
What is a directory service? | "A directory service is a software system that stores, organizes, and provides access to information in a directory." |
Explain the use of LDAP in identity management. | "LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry standard for accessing and maintaining distributed directory information services over an IP network." |
What is a digital certificate? | "A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA)." |
Define single-factor authentication (SFA). | "SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user." |
What is the difference between authentication and authorization? | "Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity." |
What is an identity provider (IdP)? | "An IdP is a system or service that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network." |
Front
What is single sign-on (SSO)?
Click the card to flip
Back
SSO is an authentication process that allows a user to access multiple applications with one set of login credentials.
Front
Explain the concept of role-based access control (RBAC).
Back
RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise.
Front
What is the principle of least privilege?
Back
The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions.
Front
What is an identity provider (IdP)?
Back
"An IdP is a system or service that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network."
Front
What is multi-factor authentication (MFA)?
Back
MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
Front
Define privileged access management (PAM).
Back
"PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers."
Front
What is a digital certificate?
Back
"A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA)."
Front
What is identity federation?
Back
Identity federation is the practice of linking a single digital identity and its characteristics across multiple systems or organizations.
Front
Explain the use of LDAP in identity management.
Back
"LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry standard for accessing and maintaining distributed directory information services over an IP network."
Front
What are access control lists (ACLs)?
Back
"ACLs are a set of rules that allow or deny access to network resources, based on user identities or other criteria."
Front
What is the difference between authentication and authorization?
Back
"Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity."
Front
Define single-factor authentication (SFA).
Back
"SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user."
Front
Describe the concept of attribute-based access control (ABAC).
Back
"ABAC is an access control method where access rights are granted based on attributes, such as user role, department, and security clearance level."
Front
What is a directory service?
Back
"A directory service is a software system that stores, organizes, and provides access to information in a directory."
Front
Define biometrics in the context of authentication.
Back
"Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity."
1/15