5. Identity and Access Management
Description
5 Mind Maps (CISSP CBK): mind map on 5. Identity and Access Management, created by Marisol Segade on 29-08-2015.
Resource summary
5. Identity and Access Management
5.1 Understanding Access Control Fundamentals
CISSP Exam Tips
Authentication provides validity
Authorization provides control
Accountability provides non-repudiation (sometimes)
Access management objectives
Types of access controls
Access control system attributes
5.2 Examining Identification Schemas
Identification guidelines
Profiles
Identity management systems
Directory services including LDAP and MS AD
Single sign-on
Federated identity management
CISSP Exam Tips
Identification information, although seemingly benign, can contain sensitive or legally protected information
SSO and federated identity, although convenient, can be extremely dangerous if the system is compromised
Accountability is when actions can be traced to their source
5.3 Understanding Authentication Options
Factor requirements
Out-of-band authentication
Password strengths & weaknesses
Password management systems
One time passwords or passcodes
Tokens, memory cards and smartcards
Biometrics
Credential management systems (CM)
CISSP Exam Tips
Hashed passwords should always be "salted"
Biometric markers may be able to detect addiction, illness and pregnancy
Attacks can gain control of a CM system and issue privileged credentials
5.4 Understanding Authentication Systems
Authentication authorities
Single sign-on
Kerberos
SESAME
Thin clients
Federation Authentication
Identity as a service (IDaaS)
CISSP Exam Tips
Kerberos uses tickets for authentication
Federated authentication is prominent on the web
Single sign-on systems can be a single point of failure (SPOF)
5.5 Implementing Access and Authorization Criteria
CISSP Exam Tips
Privilege trumps rights and permissions
When in doubt, deny access
Authorization creep is the accumulation of access rights, permissions, and privileges over time
Rights and permissions
Privilege
Need to know and least privilege
Default allow and default deny
Authorization creep
Dual control and separation of duties
5.6 Implementing Access Control Models
CISSP Exam Tips
The OS and the Application must support the access control model
Role-based access control (RBAC) can be used to enforce separation of duties
In a DAC environment, the owner can delegate control decisions
Access control models and techniques
Mandatory access controls (MAC)
Discretionary access controls (DAC)
Role-based access controls (RBAC)
5.7 Implementing Access Control Techniques and Technologies
Access control lists
Capabilities table
Rule-based
Content-dependent
Context-dependent
Constrained interfaces including menus, shells, database views and physically constrained interfaces
CISSP Exam Tips
Rules are not bound to a subject or an object
An ATM is an example of a constrained interface
ACLs and Capability tables are generally cumulative
5.8 Identity and Access Provisioning
CISSP Exam Tips
Provisioning and review are iterative phases
All rights and permissions should be documented in the assignment phase and checked when revocation occurs
Users are vulnerable to social engineering
Identity and Access provisioning lifecycle
Oversight and privilege account management - Monitoring and auditing
Social engineering