QUESTIONS AND CORRECT ANSWERS
ALREADY PASSED
●● Identity and Access Management (IAM).
Answer: The information security discipline concerned with user and
device access to an organization's resources.
●● Identity.
Answer: Comprised of unique elements that describe a person or
machine, recognized by a system through various means such as
passwords, ID cards, or biometric patterns.
●● Access.
Answer: The information representing the rights that an identity is
granted to perform transactional functions.
●● Entitlements.
Answer: The collection of access rights to perform transactional
functions, sometimes used synonymously with access rights.
●● Mobile Computing.
,Answer: A technology trend that requires organizations to embrace IAM
programs due to its increasing prevalence.
●● Cloud Computing.
Answer: A technology trend that necessitates the adoption of IAM
solutions to manage access and identity effectively.
●● Social Media.
Answer: A platform that presents risks requiring organizations to
implement IAM strategies.
●● Bring Your Own Device (BYOD).
Answer: A trend that introduces challenges for IAM as employees use
personal devices for work purposes.
●● Smart and Connected Devices.
Answer: Devices that create additional identity management challenges
in an organization.
●● Expanding Regulations.
Answer: Legal requirements that compel organizations to adopt IAM
practices to ensure compliance.
●● Cybercrime.
,Answer: A threat that increases the need for robust IAM solutions to
protect organizational assets.
●● Identity Theft.
Answer: A risk that organizations must mitigate through effective IAM
strategies.
●● Governance.
Answer: The processes and policies that guide the management of
identity and access within an organization.
●● Strategy.
Answer: The plan of action designed to achieve IAM goals and address
related challenges.
●● Program Management.
Answer: The discipline of managing IAM programs to ensure they meet
organizational needs.
●● Lifecycle and Transformation.
Answer: The ongoing process of managing identities and access rights
throughout their existence.
●● Access Request and Approval.
, Answer: The process by which users request access and the subsequent
approval mechanism.
●● Provisioning and De-Provisioning.
Answer: The processes of granting and revoking access rights to users.
●● Enforcement.
Answer: The implementation of access controls and policies to ensure
compliance with IAM standards.
●● Auditing and Reporting.
Answer: The processes of reviewing and documenting IAM activities to
ensure compliance and identify issues.
●● Access Review and Certification.
Answer: The periodic evaluation of user access rights to ensure they are
appropriate and compliant.
●● Account Reconciliation.
Answer: The process of verifying that user accounts and access rights
are accurate and up-to-date.
●● Tools.