Please enable JavaScript.
Coggle requires JavaScript to display documents.
Domain 4 - Identity and Access Management (4.2 - Install and configure…
Domain 4 - Identity and Access Management
4.2 - Install and configure identity and access services
RADIUS
SAML
MSCHAP
OpenID Connect
PAP
OAUTH
CHAP
Shibboleth
TACACS+
Secure token
Kerberos
NTLM
LDAP
4.3 - Implement identity and access management controls
Biometric factors
Voice recognition
Facial recognition
Iris scanner
False acceptance rate
Retinal scanner
False rejection rate
Fingerprint scanner
Crossover error rate
Tokens
Software
HOTP/TOTP
Hardware
Physiscal access control
Proximity cards
Smart Cards
Certificate-based authentication
PIV/CAC/smart card
IEEE 802.1x
Access control modules
ABAC
Role-based access control
DAC
Rule-based access control
MAC
File system security
Database security
4.4 - Differentiate common account management practices
General Concepts
Time-of-day restrictions
Recertification
Usage auditing and review
Standard naming convention
Permission auditing and review
Account maintenance
Onboarding/offboarding
Group-based access control
Least privilege
Location-based policies
Account ppolicy enforcement
Recovery
Disablement
Expiration
Lockout
Password complexity
Password history
Group policy
Password reuse
Credential management
Password length
Account types
Guest accounts
Service accounts
Shared and generic accounts/credentials
Privileged accounts
User account
4.1 - Identity and access management concepts
Multifactor authentication
Something you know
Something you are
Something you have
Something you do
Something you are
Federation
Single sign-on
Identification, authentication. autorization and accounting (AAA)
Transitive trust