What is SAML (Security Assertion Markup Language)?
An open standard that allows web applications to use a third-party identity provider to authenticate users.
SAML facilitates secure communication between identity providers and service providers.
How does SAML improve authentication?
It enables single sign-on across multiple services using a trusted identity provider.
This reduces the need for multiple logins and enhances user experience.
What is Single Sign-On (SSO)?
A method that allows users to access multiple applications with one set of login credentials.
SSO simplifies user management and improves security.
How long do SSO sessions typically last?
Often up to about 24 hours before reauthentication is required.
Session duration can vary based on security policies.
What is Privileged Access Management (PAM)?
A security approach that controls and monitors access to administrative accounts and privileged systems.
PAM is crucial for protecting sensitive systems from unauthorized access.
What is Just-in-Time (JIT) access?
A method where users are granted temporary, time-limited elevated access only when needed.
JIT access minimizes the risk of credential misuse.
Why is Just-in-Time access used in security?
To reduce the risk of abuse by limiting the duration and availability of privileged credentials.
This approach enhances security by ensuring access is only granted when necessary.
What is a vault in the context of PAM?
A secure centralized system used to store and manage privileged credentials.
Vaults help in safeguarding sensitive access information.
What is Mobile Device Management (MDM)?
A centralized platform used to manage, secure, and enforce policies on mobile and endpoint devices.
MDM is essential for maintaining security in a mobile workforce.
What types of devices can MDM manage?
Both company-owned devices and personal (BYOD) devices.
MDM solutions often support various operating systems and device types.
What capabilities does MDM provide?
- Policy enforcement
- Device configuration
- Security controls
- Data partitioning between personal and corporate data
These capabilities help protect organizational data on mobile devices.
What is Data Loss Prevention (DLP)?
A set of tools and policies designed to prevent unauthorized sharing or leakage of sensitive data.
DLP is critical for compliance with data protection regulations.
Where is DLP typically implemented?
Across endpoints, email systems, and cloud services.
DLP solutions can monitor and control data movement in various environments.
What types of data does DLP protect?
- Personally identifiable information (PII)
- Financial data
- Intellectual property
Protecting these types of data is essential for maintaining privacy and security.
What is Identity and Access Management (IAM)?
A framework that manages user identities and controls access to resources throughout their lifecycle.
IAM is vital for ensuring that users have appropriate access to resources.
What is the main goal of IAM?
To ensure users have access only to the resources required for their roles.
This principle of least privilege enhances security.
What are directory services in IT?
Centralized databases used to manage users, devices, permissions, and network resources.
Directory services play a key role in identity management.
What is an example of a directory service?
Microsoft Active Directory.
Active Directory is widely used in enterprise environments for user and resource management.
How do directory services support authentication and authorization?
They centralize account management and enforce access control policies across a network.
This centralization simplifies user management and enhances security.
How do IAM and directory services work together?
IAM defines identity and access policies, while directory services store and enforce those identities and permissions.
Together, they provide a comprehensive approach to managing user access.
-
1.1 Operating Systems Overview10
-
1.1 File Systems9
-
4.1 Document Types7
-
4.6 Incident Response6
-
4.6 Privacy, Licensing, and policies15
-
4.7 Professionalism6
-
4.7 Communication6
-
1.6 The Windows Control Panel18
-
1.6 Windows Settings11
-
1.10 Installing Applications16
-
1.11 cloud productivity tools14
-
Cybrary4
-
compTIA quizzes11
-
1.4 Task Manager17
-
1.4 The Microsoft Management Console15
-
1.4 Additional Windows Tools10
-
1.5 The Windows Network Command Line16
-
1.5 Windows Command Line Tools23
-
1.7 Windows Network Technologies10
-
1.7 Configuring Windows Firewall9
-
1.7 Windows IP Address Configuration6
-
1.7 Windows Network Connections9
-
4.9 Remote Access31
-
3.1 Troubleshoting Windows25
-
2.1 Physical Security15
-
2.1 Physical Access Security15
-
2.1 Logical Security20
-
2.1 Authentication and Access20
-
2.2 Defender Antivirus14
-
2.2 Windows Firewall15
-
2.2 Windows Security settings24
-
2.2 Active Directory20
