By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Identity security protects digital identities (users, devices, services) from unauthorized access, misuse, or theft. You use it to prevent breaches, comply with regulations, and ensure only the right people or systems access sensitive data.
Simple Diagram:
User → App → IdP (AuthN) → Token → App (AuthZ) → Access Granted/Denied
Block High-Risk Logins
A company wants to prevent unauthorized access to its cloud apps. Which of the following is the most effective first step? A) Enforce complex password policies B) Implement MFA for all users C) Block all external IP addresses D) Require biometric scans for every login
Correct Answer: B) Implement MFA for all usersExplanation: MFA adds a critical second layer of security, making it much harder for attackers to gain access even if they steal passwords.Why the Distractors Are Tempting: - A) Complex passwords are better than weak ones but can still be phished or leaked.- C) Blocking all external IPs is impractical for remote work.- D) Biometrics are secure but may not be feasible for all users (e.g., contractors).
A developer is building a web app and wants to secure user logins. Which protocol should they use? A) Basic Auth (username + password in headers) B) OAuth 2.0 + OpenID Connect C) LDAP for all authentication D) Storing passwords in plaintext
Correct Answer: B) OAuth 2.0 + OpenID ConnectExplanation: OAuth 2.0 handles authorization, while OpenID Connect adds authentication. Together, they provide a secure, standardized way to manage logins without exposing passwords.Why the Distractors Are Tempting: - A) Basic Auth is simple but insecure (credentials are easily intercepted).- C) LDAP is for directory services, not modern web apps.- D) Storing plaintext passwords is a major security risk.
An employee’s laptop is stolen. What immediate action should the IT team take to minimize risk? A) Wipe the laptop remotely B) Revoke the user’s session tokens C) Disable the user’s account D) All of the above
Correct Answer: D) All of the aboveExplanation: To prevent unauthorized access, the IT team should: - Wipe the laptop (if it’s company-managed).- Revoke session tokens (to log out active sessions).- Disable the account (to block future logins).Why the Distractors Are Tempting: - A) Wiping the laptop alone doesn’t stop access from other devices.- B) Revoking tokens alone doesn’t prevent future logins.- C) Disabling the account alone doesn’t log out existing sessions.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.