IAM Quiz1

IAM
Fundamentals

Authentication & Authorization

LCM

Access Reviews

Governance

100

IAM Stands for

Identity & Access Management

100

what is authentication?

The process of verifying a user's identity.

100

Guess JML means

Joiner-Mover-Leaver

100

What is authentication

The process of verifying a user's identity.

200

Why is IAM important for cybersecurity

t helps prevent unauthorized access, data breaches, and ensures compliance.

200

What is SSO and how does it help users?

Allowing users to access multiple systems with one login?

200

What is a birthright access?

Default access granted to users based on their role or department when they join an organization.

200

Main purpose of enforcing password complexity policies?

To reduce the risk of password guessing or brute-force attacks.

300

What is an identity in IAM

A unique representation of a user, system, or service that needs access to resources.

300

What is authorization

The process of determining what resources a user is allowed to access.

300

What is an access request workflow?

A predefined process that governs how users request, approve, and receive access to systems or applications.

300

What is an access review

A periodic check to ensure users have appropriate access rights.

300

What is the impact of non-compliance with IAM policies?

It can lead to security breaches, regulatory fines, and reputational damage.

400

The process of giving a user access to a system called

Provisioning

400

What is the Principle of Least Privilege?

Users should only have the minimum access necessary to perform their job.

400

What is an orphaned account in IAM?

An account that remains active even after the associated user has left the organization.

400

What is the role of IAM in achieving SOX or GDPR compliance?

Ensures proper access controls, auditability, and data protection measures are in place.

500

What is the main goal of IAM

Right individuals have the right access to the right resources at the right time.

500

Benefit of implementing Multi-Factor Authentication (MFA)

It adds an extra layer of security beyond just a password

500

Term for removing a user’s access

De-provisioning

500

What is the risk of not performing regular access reviews?

Users may retain unnecessary or excessive access, increasing security risks.

500

Difference between identity governance and access management?

Identity governance focuses on policies and compliance, while access management handles authentication and authorization.