Sailpoint Training Understanding Report

Cyber Security

Cyber security is the practice of defending computers, servers, mobile devices,

electronic systems, networks, and data from malicious attacks.

It can be divided into a few common categories.

 Network Security - Practice of securing a computer network from

intruders, whether targeted attackers or opportunistic malware.

 Application Security - focuses on keeping software and devices free of

threats.

 Information Security - protects the integrity and privacy of data, both in

storage and in transit.
 Operational Security - includes the processes and decisions for handling
and protecting data assets.

CIA Triad

Concept that focuses on the balance between the confidentiality, integrity and
availability of data under the protection of your information security program.

Cyber Security Tower

Identity and Access Management - Identity and access management (IAM) is the
discipline that enables the right individuals to access the right resources at the right
times for the right reasons.

Governance Risk and Compilance

Governance, Risk, and Compliance will give you an understanding of the current
laws and regulations that drive the creation of a governance system of rules,
practices, and processes by which a company is directed and controlled.
Data Security

Data security means protecting digital data, such as those in a database, from
destructive forces and from the unwanted actions of unauthorized users, such as a
cyberattack or a data breach.

Automation In CyberSecurity

Security automation and cyber-space defense can be defined as assigning low-

cognitive functions such as monitoring, scanning, and low-level incident response
to be handled by automation. It allows one to be aware of, aggregate, and extract
data while carrying out the basic threat search and detection process and other low
cognitive activities.

Access Management

Authentication - Verifying the identity of a user, process, or device, often as a

prerequisite to allowing access to resources in an information system.

Authorization - Authorization in system security is the process of giving the user

permission to access a specific resource or function.

Single Sign –on - Single sign-on is an authentication scheme that allows a user to
log in with a single ID and password to any of several related, yet independent,
software systems.

Single Sign-on - Single sign-on is an authentication scheme that allows a user to

log in with a single ID and password to any of several related, yet independent,
software systems.

Federation - Federation is a relationship which is maintained between

organizations. User from each organization gets access across each other's web
properties. Hence, federated SSO provides an authentication token to the user
which is trusted across organizations.