WEEK 2 - IDENTITY ACCESS MANAGEMENT (IAM)

Comprehensive IAM Concepts: Definitions, Models, and Tools

What is the main purpose of Identity and Access Management (IAM)?

To ensure only authorized people or devices can access systems and data

What does Authorization determine in IAM?

What actions or resources a user is allowed to access

Which IAM component keeps records of user actions to ensure compliance and responsibility?

Accountability

What is the primary purpose of Multi-Factor Authentication (MFA)?

To require multiple forms of verification to confirm identity

What is the main benefit of Single Sign-On (SSO)?

Users can log in once and access multiple applications

Which access control model grants permissions based on a person's job role?

Role-Based Access Control (RBAC)

What is the principle of Least Privilege?

Allowing users access only to the resources needed to perform their job

What is IAM?

IAM is a security system that ensures only the right people or devices can access an organization's apps, data, or systems.

Why does IAM matter?

IAM keeps sensitive information safe from hackers, prevents unauthorized access, and helps companies comply with regulations like GDPR or HIPAA.

What is the analogy for IAM?

IAM is like a school security guard who checks student IDs to ensure only registered students enter classrooms.

What are the key parts of IAM?

The key parts of IAM are Identification, Authentication, Authorization, and Accountability (IAAA).

What is Identification in IAM?

Giving each person or device a unique ID, like a username or badge number.

What is Authentication in IAM?

Checking if someone is who they say they are, usually with a password or other proof.

What is Authorization in IAM?

Deciding what someone can do after their identity is confirmed, like which apps they can use.

What is Accountability in IAM?

Keeping a record of what people do to ensure they follow rules.

What is the difference between Authentication and Authorization?

Authentication proves identity, while Authorization decides what you are allowed to do.

What is Multi-Factor Authentication (MFA)?

MFA asks for two or more proofs of identity to log in, making it harder for hackers to break in.

Why is MFA important?

If a hacker steals your password, MFA stops them by requiring something else, like a code from your phone.

What is Single Sign-On (SSO)?

SSO lets you log in once and access multiple apps without logging in again.

Why does SSO matter?

It's easier for users and safer because it reduces password reuse.

What is Federation in IAM?

Federation lets you use one organization's login to access another organization's systems.

Why is Federation important?

It makes it easy to work with other companies or cloud services securely.

What are Access Control Schemes?

Rules that decide who can access what based on their job or characteristics.

What is the Least Privilege Principle?

Giving people or devices only the access they need to do their job, nothing more.

What is Identity Lifecycle Management?

Managing a person's digital identity from when they join a company to when they leave.

What are Conditional Access Policies?

Rules that change access based on factors like location or device being used.

What is Identity Governance and Administration (IGA)?

A system to manage identities, set rules, and check if access follows company policies.

What is Zero Trust?

A security approach that doesn't trust anyone automatically, even inside the company.

What are IAM Tools?

Software that helps manage identities and access securely.

What is an example of an IAM tool?

Okta is a cloud tool for SSO, MFA, and identity management.

What is the analogy for Zero Trust?

It's like a bank vault that checks your ID every time you enter, even if you're a regular customer.

What is an example of Multi-Factor Authentication?

Okta's MFA might ask for your password and a code from the Okta Verify app on your phone.

What is an example of Single Sign-On?

With Okta SSO, you log in once to access apps like Google Workspace or Salesforce without re-entering credentials.

What is an example of Federation?

Okta lets your company's login work for apps like Zoom or Slack hosted by other organizations.

What is an example of Access Control Schemes?

Role-Based Access Control (RBAC) grants access based on job roles.

What is an example of the Least Privilege Principle?

Okta ensures employees only access apps they need and removes access when they change roles.

What is an example of Identity Lifecycle Management?

Okta automatically creates or removes user accounts in apps when employees join or leave.

What is an example of Conditional Access Policies?

Okta might require a phone code if you log in from a new country.

What is an example of Identity Governance and Administration?

Okta's dashboard shows who has access to apps and lets managers review permissions.

What is an example of Zero Trust?

Okta uses MFA and monitors logins to ensure only trusted users access apps.