ISC2 CISSP - Identity and Access Management (IAM) Flashcards
| Front | Back |
|---|---|
| Challenges of password-based authentication | Vulnerable to guesswork, brute-force attacks, and poor user management practices. |
| Difference between DAC and MAC | Discretionary Access Control allows data owners to set permissions; Mandatory Access Control enforces permissions based on policies. |
| Key components of IAM | Identification, Authentication, Authorization, Accountability. |
| Purpose of access control mechanisms | To restrict and manage user access to resources based on policies. |
| Types of authentication factors | Knowledge (something you know), Possession (something you have), Inherence (something you are), Location, Behavior. |
| What does AAA stand for in security | Authentication, Authorization, and Accounting. |
| What does SSO stand for | Single Sign-On. |
| What is ABAC | Attribute-Based Access Control, assigns access based on attributes like user, resource, or environment. |
| What is an access control list (ACL) | A list defining the permissions for various users or systems to access a resource. |
| What is authentication | The process of verifying the identity of a user or system. |
| What is authorization | The process of determining access rights and permissions for an authenticated user. |
| What is cookie-based session management | Using cookies to maintain state and memory of user sessions. |
| What is de-provisioning | The process of removing access and disabling accounts when no longer needed. |
| What is identity federation | Linking a user's digital identity across multiple systems or organizations. |
| What is identity proofing | The process of verifying identity during enrollment or account creation. |
| What is Just-In-Time (JIT) access | Providing temporary access to resources as needed for specific tasks. |
| What is Kerberos | A network authentication protocol using tickets to securely manage credentials. |
| What is LDAP | Lightweight Directory Access Protocol, used to access and manage directory information. |
| What is MFA | Multifactor Authentication: using two or more factors for authentication. |
| What is provisioning | The process of creating and enabling user accounts and access rights. |
| What is proximity-based authentication | Authentication using physical closeness, often via tokens or smart cards. |
| What is RBAC | Role-Based Access Control, assigns access based on roles within an organization. |
| What is the goal of Identity Governance | To ensure identities are managed properly and comply with policies. |
| What is the principle of least privilege | Grant users only the access necessary to perform their job functions. |
| What is the purpose of a digital certificate | To verify identity and establish trust, often in PKI systems. |
| What is the purpose of a directory service | To store and manage information about users and resources in a network. |
This deck covers authentication, authorization, identity governance, and access control mechanisms used to protect resources.