Which of the following statements about identity management (IdM) is correct? (Wentz QOTD)
A. An identity is a single attribute used to identify an entity uniquely.
B. Accounts persisted in a directory are technical means representing entities.
C. X.500 is derived from the Lightweight Directory Access Protocol (LDAP).
D. Biometrics is more secure than passphrase in a single-factor authentication system.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Accounts persisted in a directory are technical means representing entities.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Reference

---

以下哪項關於身份管理 (IdM) 的陳述是正確的？ (Wentz QOTD)
A. 身份是用於唯一標識實體的單個屬性。
B. 保存在目錄中的帳戶是代表實體的技術手段。
C. X.500 源自輕量級目錄訪問協議 (LDAP)。
D. 在單因素身份驗證系統中，生物識別比密碼更安全。