Explain the concept of role-based access control (RBAC). | RBAC is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. |
Define biometrics in the context of authentication. | Biometrics refers to the use of physical characteristics, such as fingerprints, facial recognition, or iris scans, to verify identity. |
What is identity federation? | Identity federation is the practice of linking a single digital identity and its characteristics across multiple systems or organizations. |
What is single sign-on (SSO)? | SSO is an authentication process that allows a user to access multiple applications with one set of login credentials. |
Define privileged access management (PAM). | PAM is the process of managing and controlling access to critical systems and data by privileged users, including administrators and superusers. |
Define single-factor authentication (SFA). | SFA is a security process that requires only one method of authentication, such as a password, to verify the identity of the user. |
What are access control lists (ACLs)? | ACLs are sets of rules that allow or deny access to network resources based on user identities or other criteria. |
What is an identity provider (IdP)? | An IdP is a system or service that creates, maintains, and manages identity information for principals and provides authentication services to relying applications within a federation or distributed network. |
What is a directory service? | A directory service is a software system that stores, organizes, and provides access to information in a directory. |
Describe the concept of attribute-based access control (ABAC). | ABAC is an access control method where access rights are granted based on attributes, such as user role, department, and security clearance level. |
Explain the use of LDAP in identity management. | LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry standard for accessing and maintaining distributed directory information services over an IP network. |
What is a digital certificate? | A digital certificate is an electronic document used to prove the ownership of a public key, typically issued by a certificate authority (CA). |
What is the principle of least privilege? | The principle of least privilege states that users should be granted the minimum levels of access – or permissions – needed to perform their job functions. |
What is multi-factor authentication (MFA)? | MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction. |
What is the difference between authentication and authorization? | Authentication is the process of verifying the identity of a user, while authorization is the process of granting or denying access to resources based on the user's identity. |