CompTIA Security+ 4.6 Security Operations – Identity and Access Management

Posted by:

|

On:

|

0%

Identity and Access Management

1 / 25

Which of the following BEST describes the purpose of OAuth in identity and access management?

2 / 25

A company is implementing a new policy for password changes. Which of the following approaches is MOST aligned with current NIST guidelines?

3 / 25

A company is implementing a new password policy. Which of the following would be considered the MOST secure password requirement?

4 / 25

Which of the following BEST describes the concept of identity proofing in identity and access management?

5 / 25

A company is implementing a new identity and access management system. Which of the following is the BEST approach to manage user lifecycle?

6 / 25

A security administrator is implementing access controls for a new financial application. Which of the following access control models would be MOST appropriate for ensuring that users can only access data relevant to their specific job functions?

7 / 25

A company is implementing a new access control system for their research and development department. Which of the following access control models would be MOST appropriate if the goal is to base access decisions on multiple attributes such as user role, project assignment, and time of day?

8 / 25

A security administrator is implementing a new access control system. Which of the following access control models is BEST suited for a military environment with strict hierarchical security levels?

9 / 25

A company is implementing a new authentication system for their network. Which of the following combinations would provide the strongest multi-factor authentication?

10 / 25

A company is implementing a new access control system for their research department. Which of the following access control models would be MOST appropriate if the goal is to restrict access based on the sensitivity level of the data and the clearance level of the users?

11 / 25

Which of the following authentication methods is MOST resistant to replay attacks?

12 / 25

A company is implementing multi-factor authentication for remote access. Which of the following combinations would provide the STRONGEST security?

13 / 25

Which of the following BEST describes the purpose of a privileged access management (PAM) system?

14 / 25

Which of the following BEST describes the concept of identity federation?

15 / 25

An organization wants to implement single sign-on (SSO) for their cloud services. Which of the following protocols is MOST commonly used for this purpose?

16 / 25

Which of the following BEST describes the concept of Just-in-Time (JIT) access in privileged access management?

17 / 25

A company is implementing a new identity management system. Which of the following is the BEST practice for managing user accounts when an employee leaves the organization?

18 / 25

A company is implementing biometric authentication for access to their data center. Which of the following is a key consideration when using biometrics for authentication?

19 / 25

A company is implementing multi-factor authentication for their VPN. Which of the following combinations would be considered true multi-factor authentication?

20 / 25

Which of the following BEST describes the concept of separation of duties in access control?

21 / 25

Which of the following BEST describes the concept of separation of duties in access control?

22 / 25

Which of the following best describes the principle of least privilege?

23 / 25

A company is implementing a new identity management system. Which of the following is the MOST important consideration for user account provisioning?

24 / 25

A security administrator is configuring a new access control system. Which of the following BEST describes the principle of least privilege?

25 / 25

Which of the following BEST describes the purpose of a privileged access management (PAM) system?

Your score is

Exit