Week 2 Module1 Flashcards Preview

AIT672-Identity Management > Week 2 Module1 > Flashcards

Flashcards in Week 2 Module1 Deck (15)
Loading flashcards...
1
Q

A _____ is an established relationship between two or more entities. (2 domains or organizations for example)

A

Federation

2
Q

The producer in a Federation (that provides identity information)is called what?

A. Federation Provider
B. User Provider
C. Identity Provider
D. None of the above

A

C. Identity Provider

IdP

3
Q

The _______ receives assertions from the IdP and makes access control decisions based on the information in the assertions.

A

Relying Party (RP)

4
Q

True/False: The purpose of a federation is to create trust between organizations about digital identities, identity attributes and credentials.

A

True

5
Q

What are the 3 primary entities in a Federation?

A. Identity Provider
B. Subscriber
C. Response Party
D. Relying Party
E. Identifier
A

A. Identity Provider
B. Subscriber
D. Relying Party

6
Q

True/False: Authentication between an IdP and subscriber is a single authentication event.

A

False.

7
Q

Browser cookies, OAuth Tokens and Device Identification can be used to manage and setup what (in Identity Federation)?

A

A Session

8
Q

The main objective os an assertion is to enable the ____ to convey authentication event information to the ____.

A

IdP (Identity Provider)

RP (Relying party)

9
Q

In _____ channel presentation, the assertion goes through the subscriber.

A

Front

10
Q

In ____ channel presentation, the assertion is done through a direct connection between the IdP and RP.

A

Back

11
Q

The ____ channel presentation shall be single use and limited for use by a single RP.

A

Back

12
Q

Match the Federation Assurance Levels (FAL) to their technical requirements.

  1. FAL1
  2. FAL2
  3. FAL3

A. Adds that the subscriber must present proof of possession of a cryptographic key
B. Requires the assertion be signed using cryptography
C. Adds that the assertion be encrypted

A
  1. FAL1 B
  2. FAL2 C
  3. FAL3 A
13
Q

A ________ is an entity used to establish working relationships between parties, and performs some level of vetting to verify compliance with predetermined security, integrity and privacy standards.

A. Federation Authority
B. Vetting Authority
C. Security Authority
D. Authentication Authority

A

A. Federation Authority

14
Q

______ is an internet-scale federated identity and authenticatin protocol build on top of Oauth 2.0 and the JSON Object Signing and Encryption (JOSE) crypto system.

A. OAuth Connect
B. Internet Connect
C. OpenID Connect
D. JSON Connect

A

C. OpenID Connect

15
Q

In OpenID Connect, the RP is known as the ______.

A

Client