Question 4
Chris Noth has recently joined CloudAppSec Private Ltd. as a cloud security engineer. Owing to several instances of malicious activities performed by former employees on his organization's applications and data that reside in an on-premises environment, in 2010, his organization adopted cloud computing and migrated all applications and data to the cloud. Chris would like to manage user identities in cloud-based services and applications.
Moreover, he wants to reduce the risk caused by the accounts of former users (employees) by ensuring that the users who leave the system can no longer log in to the system. Therefore, he has enforced an IAM standard that can automate the provisioning and de-provisioning of users when they enter and leave the system. Which of the following IAM standards is implemented by Chris Noth?
Correct answer: A
Explanation:
Chris Noth is looking to manage user identities and automate the provisioning and de-provisioning of users in cloud-based services and applications. The IAM standard that supports this functionality is SCIM (System for Cross-domain Identity Management).SCIM Overview: SCIM is an open standard designed to manage user identity information across different domains. It simplifies user management in cloud-based applications and services by allowing for automated user provisioning and de-provisioningAutomated Provisioning: With SCIM, when new users are added to an organization's system, their identities can be automatically provisioned across various cloud services without manual interventionAutomated De-provisioning: Similarly, when users leave the organization or their roles change, SCIM can ensure that their access is automatically revoked or adjusted across all connected services. This reduces the risk of former employees retaining access to sensitive systems and dataWhy Not the Others?:XACML (eXtensible Access Control Markup Language) is used for defining access control policies, not for identity provisioning.OpenID is an authentication standard that allows users to be authenticated by certain co-operating sites using a third-party service, without the need for passwords.OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.MajorKey Tech: What is Provisioning and De-provisioning in IAM1.SailPoint: What is automated provisioning?2.Nestmeter: Streamlining Security: User Provisioning and Deprovisioning with IAM3.
Chris Noth is looking to manage user identities and automate the provisioning and de-provisioning of users in cloud-based services and applications. The IAM standard that supports this functionality is SCIM (System for Cross-domain Identity Management).
SCIM Overview: SCIM is an open standard designed to manage user identity information across different domains. It simplifies user management in cloud-based applications and services by allowing for automated user provisioning and de-provisioning
Automated Provisioning: With SCIM, when new users are added to an organization's system, their identities can be automatically provisioned across various cloud services without manual intervention
Automated De-provisioning: Similarly, when users leave the organization or their roles change, SCIM can ensure that their access is automatically revoked or adjusted across all connected services. This reduces the risk of former employees retaining access to sensitive systems and data
Why Not the Others?:
XACML (eXtensible Access Control Markup Language) is used for defining access control policies, not for identity provisioning.
OpenID is an authentication standard that allows users to be authenticated by certain co-operating sites using a third-party service, without the need for passwords.
OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.
MajorKey Tech: What is Provisioning and De-provisioning in IAM1.
SailPoint: What is automated provisioning?2.
Nestmeter: Streamlining Security: User Provisioning and Deprovisioning with IAM3.