---Advertisement---
Digital Security

Identity and Access Management Interview Question-Answer

By Smart Answer

Updated on:

---Advertisement---

Identity Management

Identity Management is managing the user identities in the multiple directories and identity stores across an organization.
Identity Manager provides an integrated method of managing users and their access to various applications. It can be used to enforce segregation of duties.
It prevents users from receiving privileges that may result in a conflict.
The administrator can check for any violations before assigning privileges/changing profile attributes.

Requirements of IAM

Modern organizations run a complex mix of IT infrastructure, including: Network OS, Application Servers, Webservers, Database servers, Emails and messaging services, User directories, Sharepoint sites, CRM, Payroll management and ERP applications
Almost every system and application track its own users, how they sign in (i.e., their passwords) and their privileges (i.e., what they can see and do).
This data about users must be managed, when users are hired, when their business roles or identifying information change and when they leave.
The diversity of these systems, each with their own user interface, administrators and change request processes creates complexity.
Identity management technologies simplify the administration of this distributed, overlapping and sometimes contradictory data about users.

Access Management

Access Management is managing the access control to various resources in an organization to determine who can access what resources under what conditions.
Every business has information that needs to be protected from unauthorized disclosure.
To protect information, companies define policies that govern who can access specific classes of business and/or personal information.
Access Management is a solution that provides a mechanism to manage the authentication of users (including single sign-on) and implement business rules determining user access to applications and data.

Access Management system takes care of following items

Authentication – verifying users are who they claim to be

Authorization – granting users access to resources (also called entitlements)

Auditing – recording who did what and when

Administration – managing users and entitlements

Confidentiality – protecting data from unauthorized eyes

Notification – actively communicating security events

The Categories

Identity and Access Management is divided into following categories

Access management
Privileged access management
Governance

Interview Question-Answer

Q.1 _______________ is a solution that provides a mechanism to manage the authentication of users and implement business rules determining user access to applications and data.

       A. Identity management

       B. Authorization

       C. Access management

Ans : Access management


Q.2 Which of the following is used to ensure that the users are who they claim to be?

       A. Administration

       B. Authentication

       C. Identity management

       D. Authorization

Ans : Authentication


Q.3 Which of the following aims to manage the user identities in the multiple directories and identity stores across an organization?

       A. Identity Management

       B. Authorization

       C. Authentication

Ans : Identity Management


Q.4 Which property of access management aims to protect data from unauthorized eyes?

       A. Authentication

       B. Integrity

       C. Audit Logging

       D. Confidentiality

Ans : Confidentiality


Q.5 Which of the following is used to grant users access to resources?

       A. Authentication

       B. Identity management

       C. Authorization

       D. Administration

Ans : Authentication


Smart Answer

---Advertisement---

Related Post

Cyber Security Interview Question-Answer Part – 3

Cybersecurity Prologue Interview Question-Answer Cyber Security Interview Question-Answer Part – 1 Cyber Security Interview Question-Answer Part – 2 Q.1 Which of the following can also consider as the ...

Cyber Security Interview Question-Answer Part – 2

Cybersecurity Prologue Interview Question-Answer Cyber Security Interview Question- – 1 Cyber Security Interview Question- – 3 Q.1 Which of the following can be considered as the elements of ...

Cyber Security Interview Question-Answer

Cybersecurity Prologue Interview Question-Answer Cyber Security Interview Question-Answer Part – 2 Cyber Security Interview Question-Answer Part – 3 Q.1 Which of the following refers to stealing one’s idea ...

User Authentication Interview Question-Answer part – 2

Authentication Interview Question-Answer Q.1 Which of the following is a good practice?        A. Give full permission for remote transferring        B. Grant read ...

Leave a Comment