CompTIA Security+ Domain 4: Identity and Access Management

1. Which authentication protocol primarily relies on tickets for client-server authentication and does not transmit passwords over the network?
A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP

2. In Identity and Access Management, what is the primary purpose of a Federation Service?
A. To centralize user authentication for a single organization
B. To synchronize user databases between different organizations
C. To allow sharing of identity information across multiple organizations
D. To manage group policies in a distributed environment

3. What is the primary security concern addressed by the implementation of a Zero Trust model?
A. External threats from the internet
B. Insider threats
C. Distributed denial-of-service (DDoS) attacks
D. Malware spreading in the network

4. Which of the following best describes a 'Privileged Access Management' (PAM) system?
A. A system managing user access based on their role in the organization
B. A tool for monitoring network traffic and access patterns
C. A framework to manage elevated access and permissions for users
D. A protocol for secure communications between different network segments

5. In the context of digital certificates, what is the primary role of a Certificate Authority (CA)?
A. To encrypt data using public key infrastructure
B. To issue and manage digital certificates
C. To provide a directory of public keys
D. To authenticate user identities

6. What is the main purpose of using a Security Assertion Markup Language (SAML) in web security?
A. To encrypt web traffic
B. To provide secure email communication
C. To enable single sign-on (SSO) for web services
D. To manage network access control

7. What is the primary function of a RADIUS server in network security?
A. Firewall management
B. Intrusion detection and prevention
C. Centralized authentication, authorization, and accounting for users
D. Data encryption and decryption

8. In an Identity and Access Management system, what does the term "Least Privilege" primarily refer to?
A. Granting users the minimum levels of access necessary to perform their job functions
B. Restricting user access to only the most secure parts of the system
C. Providing users with temporary access rights that expire within a short time
D. Limiting user access to non-confidential data only

9. Which technology is primarily used for multi-factor authentication to enhance security?
A. VPN
B. Firewall
C. Biometric authentication
D. Proxy server

10. What does the OAuth protocol primarily provide in the context of Identity and Access Management?
A. Two-factor authentication
B. Secure wireless encryption
C. Delegated authorization for web services and applications
D. Encrypted file transfers

11. In a Single Sign-On (SSO) implementation, what is the primary security risk?
A. Increased complexity of network configurations
B. Higher resource utilization on servers
C. A single point of failure for user authentication
D. Incompatibility with legacy applications

12. What is the primary function of TACACS+ in network security?
A. Network packet filtering
B. File encryption
C. User authentication and command authorization
D. Malware scanning

13. Which term best describes a system where different authentication methods are used at different times or in different contexts for the same user?
A. Single Sign-On (SSO)
B. Multi-factor Authentication (MFA)
C. Adaptive Authentication
D. Role-Based Access Control (RBAC)

14. What is the main advantage of implementing a Role-Based Access Control (RBAC) system in an organization?
A. Reducing the complexity of network configurations
B. Simplifying the management of user permissions
C. Enhancing the encryption of data in transit
D. Increasing the speed of network traffic

15. In the context of Public Key Infrastructure (PKI), what role does the Certificate Revocation List (CRL) play?
A. Lists all issued digital certificates
B. Stores private keys securely
C. Records digital certificates that have been revoked
D. Encrypts data using public keys

16. Which authentication factor category does a fingerprint scanner fall under?
A. Something you know
B. Something you have
C. Something you are
D. Somewhere you are

17. In Identity and Access Management, what is a primary security feature of using smart cards as an authentication factor?
A. They can store multiple passwords for different systems
B. They provide geolocation data for user authentication
C. They contain embedded certificates for identity verification
D. They automatically update user access rights

18. What is the main purpose of implementing a Directory Service in network security?
A. Filtering network traffic
B. Centralizing the storage of user credentials and attributes
C. Encrypting data in transit
D. Logging network activities

19. Which access control model dynamically assigns roles to users based on attributes and environmental conditions?
A. Mandatory Access Control (MAC)
B. Discretionary Access Control (DAC)
C. Role-Based Access Control (RBAC)
D. Attribute-Based Access Control (ABAC)

20. In a PKI, what is the function of a Key Escrow?
A. To increase encryption key length
B. To distribute public keys
C. To store backup copies of private keys
D. To manage digital certificates