Please enable JavaScript.
Coggle requires JavaScript to display documents.
CAP13 - Managing identity amd authentication (3 - implementing identity…
CAP13 - Managing identity amd authentication
1 - Controlling access to assets
assets
information
systems
devices
facilities
personnel
subject(active)->access control->object(passive)
types of access control
default classification
preventive
detective
corrective
deterrent
recovery
directive
compensating
alternative classification
administrative
logical
physical
2 - Comparing identification and authentication
steps
authorization
accountability
authentication (password)
identification (username)
authenticaion factors
type 1 - something you know
type 2 - something you have
type 3 - something you are (or you do)
3 - implementing identity management
SIngel sign-on
ldap and pki
kerberos
federated identity management
AAA protocols
TACACS
Diameter
RADIUS
4 - Managing the identity and access provisioning lifecycle
provisioning
account review
account revocation