IAM Basics
Authentication & Authorization
Governance
LCM
Access Reviews
10

How does IAM help with regulatory compliance (e.g., SOX, HIPAA)?

A) By proving that the company's IT department is following best practices.

B) By providing detailed, auditable reports that prove access to sensitive data is properly managed.

C) By making sure that the company only hires the most trusted individuals.

D) It has no impact on regulatory compliance. 



B) By providing detailed, auditable reports that prove access to sensitive data is properly managed.

10

You should use the same password for both your work accounts and personal accounts to make them easier to remember. 

True or False

False

Using the same password for work and personal accounts makes both more vulnerable if one is compromised.

10

If an IAM audit uncovers a "ghost account" (an account that belongs to a former employee), what is the business risk?

A) The ghost account will automatically delete itself.

B) The company faces a major security vulnerability that could be exploited by an attacker.

C) The account owner might try to log in again.

D) The ghost account can be used for automated testing. 

B) The company faces a major security vulnerability that could be exploited by an attacker.

10

When an employee leaves a company, what is the most important IAM action to take? 

A) Reset their password.

B) Deprovision their accounts, revoking all access.

C) Review their active projects.

D) Archive their emails.

B) Deprovision their accounts, revoking all access.

10

Who is considered a "user" in an access review?

A) Only full-time employees.

B) Only company executives.

C) Any individual or automated service that has access to an organization's systems, including contractors and vendors.

D) Only the IT team.

C) Any individual or automated service that has access to an organization's systems, including contractors and vendors.

10

What is a key benefit of IAM automation for the IT help desk?

A) It increases the number of help desk tickets they receive.

B) It reduces the number of common requests, like password resets, by enabling self-service.

C) It prevents the IT help desk from interacting with users.

D) It requires users to call the help desk for every minor issue. 

B) It reduces the number of common requests, like password resets, by enabling self-service.

10

What is Single Sign-On (SSO)? 

A) A system that requires a new password for every application

B) An authentication method that allows you to log in once to access multiple applications

C) A way to manage access for a single application

D) A process for changing your password

B) An authentication method that allows you to log in once to access multiple applications

10

How does IAM Governance help protect against insider threats?

A) By only hiring trusted family and friends.

B) By continuously monitoring user access and activities to spot unusual behavior or misuse of privileges.

C) By making sure no one can ever access sensitive information.

D) By requiring users to sign a non-disclosure agreement.

B) By continuously monitoring user access and activities to spot unusual behavior or misuse of privileges.

10

What is a key benefit of an automated onboarding process for new hires?

A) It ensures every new employee has the same permissions.

B) It saves time for IT and managers while making sure the new employee is productive on day one.

C) It completely eliminates the need for passwords.

D) It makes the onboarding process much longer.

B) It saves time for IT and managers while making sure the new employee is productive on day one.

10

Why is an access review important for a company's business?

A) It speeds up the internet for all employees.

B) It makes sure that all employees have the maximum access possible.

C) It reduces security risks, helps meet compliance rules, and prevents unauthorized access to sensitive information.

D) It is only needed for the IT department's internal records.

C) It reduces security risks, helps meet compliance rules, and prevents unauthorized access to sensitive information.

10

A user logs into a company's system with a password and a one-time code sent to their mobile phone. This is an example of: 

A) Biometric authentication

B) Single Sign-On (SSO)

C) Multi-Factor Authentication (MFA)

D) Discretionary Access Control (DAC) 

C) Multi-Factor Authentication (MFA)

10

Sharing your account credentials with a coworker who needs temporary access is a safe practice.

True or False

False. Sharing credentials is a major security risk and violates the principle of least privilege.

10

In IAM Governance, what is the risk of having too many users with "admin" or "privileged" access?

A) It improves productivity and speeds up processes.

B) It makes the company more vulnerable to security breaches and cyberattacks.

C) It makes the audit process simpler and faster.

D) It has no effect on security. 

B) It makes the company more vulnerable to security breaches and cyberattacks.

10

Which team typically initiates the automated "Joiner" process?

A) The finance department.

B) The Human Resources (HR) department, by entering the new employee's information.

C) The employee themselves, on their first day.

D) The marketing department. 

B) The Human Resources (HR) department, by entering the new employee's information.

10

What action is taken during an access review to correct inappropriate access?

A) The access is approved without a comment.

B) The access is revoked or edited.

C) The review is simply ignored.

D) The user's account is deleted entirely.

B) The access is revoked or edited.

10

What is the main goal of IAM?

A) To manage software installations

B) To ensure the right people have the right access at the right time

C) To monitor internet usage

D) To track employee attendance

B) To ensure the right people have the right access at the right time

10

Which of the following is an example of MFA?

A) Logging in with a username only

B) Logging in with a password and OTP

C) Logging in with a fingerprint only

D) Logging in with a shared account

B) Logging in with a password and OTP

10

Which of the following is a common security risk associated with IAM? 

A) Strong password enforcement

B) Regular access audits

C) Weak passwords and mismanaged user privileges

D) Multi-Factor Authentication 

C) Weak passwords and mismanaged user privileges

10

When an employee changes roles or departments within the company, what is the purpose of the "Mover" process?

A) To give them access to both their old and new job resources indefinitely.

B) To remove their old access rights and grant new ones based on their new role.

C) To make no changes to their access rights.

D) To completely delete and recreate their user account. 

B) To remove their old access rights and grant new ones based on their new role.

10

When an access review finds that an employee has access they no longer need, what is the best next step?

A) Just leave the access for later.

B) Alert the user, but do not make any changes.

C) Immediately revoke the unnecessary access to reduce the security risk.

D) Ask the employee to approve the removal of their own access. 

C) Immediately revoke the unnecessary access to reduce the security risk.

10

What is the main benefit of Single Sign-On (SSO)? 

A) It requires users to remember a unique password for every application.

B) It improves security by allowing users to log in once to access multiple systems.

C) It makes it more difficult for users to access their applications.

D) It provides a separate login for every different application.

B) It improves security by allowing users to log in once to access multiple systems.

10

Which of the following is a key IAM function?

A) Authentication and Authorization

B) Software development

C) Network cabling

D) Email filtering

A) Authentication and Authorization

10

Why are privileged accounts a higher security risk than a regular employee's account?

A) Privileged accounts are used more often by employees.

B) Privileged accounts have more power and can access or change critical systems, making them a prime target for attackers.

C) Privileged accounts have fewer restrictions, so they are easier to misuse.

D) They are not a higher security risk. 

B) Privileged accounts have more power and can access or change critical systems, making them a prime target for attackers.

10

What is a key risk of not effectively managing the "Mover" lifecycle?

A) Employees might get new responsibilities too quickly.

B) The company might accidentally grant a raise to an employee.

C) An employee could retain access to sensitive data from their old role, creating a security vulnerability.

D) The employee's manager might be unaware of their new role. 

C) An employee could retain access to sensitive data from their old role, creating a security vulnerability.

10

Which of the following is a potential business risk if access reviews are not performed regularly?

A) The office coffee machine might break.

B) An employee might keep access to sensitive financial data after changing jobs, creating a security risk.

C) The company's website will load more slowly.

D) The company might overpay for office supplies. 

B) An employee might keep access to sensitive financial data after changing jobs, creating a security risk.