QUESTIONS GRADED A+
● Identity. Answer: recognized by a system in many ways including
with something the user knows, such as a password or a personal
identification number (PIN); something the user has, such as an ID card,
key fob or a badge; and something the user is, such as a fingerprint or
retinal pattern; or any combination of these elements
● Access. Answer: is the information representing the rights that an
identity is granted.
● Access Rights. Answer: can be granted to allow users to perform
transactional functions at various levels. Some examples of transactional
functions are copy, transfer, add, change, delete, review and approve
● Entitlement. Answer: the collection of access rights to perform
transactional functions.
● Provisioning. Answer: the creation, modification, validation,
approval, propagation, and eventual termination of an identity and its
associated access rights.
, ● Enforcement. Answer: the authentication, authorization and logging
of identities as they interact with the organization's systems. Performed
primarily through automated controls and mechanisms.
● Identity management. Answer: the ongoing, organization-wide
activities that govern and administer identities and access rights. This
includes the establishment of an IAM strategy and governance
framework, the administration of IAM policy and standards, the
definition of identity and password parameters, the operation and
management of manual or automated IAM platforms and processes, and
the periodic monitoring, auditing, reconciliation, and reporting of IAM
systems.
● Access Management. Answer: The set of processes and mechanisms
used to authenticate, authorize, and manage user access to organizational
systems and information resources.
● Access Management. Answer: ensures that only authenticated and
appropriately authorized subjects can access protected resources.
● Authentication. Answer: The process of validating that people or
entities are who they say they are. The action of "logging in" is one type
of event where this occurs.
● authorization. Answer: The process of determining if a user has the
right to access a service or perform an action