Bash, the Crucial Exams Chat Bot
AI Bot
Identity and Access Management Terms and Concepts Flashcards
What is the principle of least privilege?
"SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user."
Define biometrics in the context of authentication.
"A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA)."
Define privileged access management (PAM).
Define single-factor authentication (SFA).
"PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers."
What is a digital certificate?
"Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity."
"Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity."
What is the difference between authentication and authorization?
The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions.
| Front | Back |
| Define biometrics in the context of authentication. | "Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity." |
| Define privileged access management (PAM). | "PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers." |
| Define single-factor authentication (SFA). | "SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user." |
| Describe the concept of attribute-based access control (ABAC). | "ABAC is an access control method where access rights are granted based on attributes, such as user role, department, and security clearance level." |
| Explain the concept of role-based access control (RBAC). | RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. |
| Explain the use of LDAP in identity management. | "LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry standard for accessing and maintaining distributed directory information services over an IP network." |
| What are access control lists (ACLs)? | "ACLs are a set of rules that allow or deny access to network resources, based on user identities or other criteria." |
| What is a digital certificate? | "A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA)." |
| What is a directory service? | "A directory service is a software system that stores, organizes, and provides access to information in a directory." |
| What is an identity provider (IdP)? | "An IdP is a system or service that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network." |
| What is identity federation? | Identity federation is the practice of linking a single digital identity and its characteristics across multiple systems or organizations. |
| What is multi-factor authentication (MFA)? | MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction. |
| What is single sign-on (SSO)? | SSO is an authentication process that allows a user to access multiple applications with one set of login credentials. |
| What is the difference between authentication and authorization? | "Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity." |
| What is the principle of least privilege? | The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions. |
Front
What is the difference between authentication and authorization?
Click the card to flip
Back
"Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity."
Front
Define single-factor authentication (SFA).
Back
"SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user."
Front
What is a directory service?
Back
"A directory service is a software system that stores, organizes, and provides access to information in a directory."
Front
What are access control lists (ACLs)?
Back
"ACLs are a set of rules that allow or deny access to network resources, based on user identities or other criteria."
Front
Define biometrics in the context of authentication.
Back
"Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity."
Front
What is a digital certificate?
Back
"A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA)."
Front
What is the principle of least privilege?
Back
The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions.
Front
Explain the use of LDAP in identity management.
Back
"LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry standard for accessing and maintaining distributed directory information services over an IP network."
Front
Explain the concept of role-based access control (RBAC).
Back
RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise.
Front
What is identity federation?
Back
Identity federation is the practice of linking a single digital identity and its characteristics across multiple systems or organizations.
Front
What is single sign-on (SSO)?
Back
SSO is an authentication process that allows a user to access multiple applications with one set of login credentials.
Front
Describe the concept of attribute-based access control (ABAC).
Back
"ABAC is an access control method where access rights are granted based on attributes, such as user role, department, and security clearance level."
Front
Define privileged access management (PAM).
Back
"PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers."
Front
What is an identity provider (IdP)?
Back
"An IdP is a system or service that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network."
Front
What is multi-factor authentication (MFA)?
Back
MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
1/15
Learn key Identity and Access Management concepts like MFA, SSO, RBAC, and LDAP with this flashcard deck. Understand terms like biometrics, identity federation, privileged access management, and digital certificates. Perfect for anyone looking to enhance their security knowledge or prepare for certifications in cybersecurity and access control systems.