I have a discussion for this week.
First, you need to do the following,
The identity and access management domain of CISSP permits perspective into the the roles, access privileges and permissions of users, subjects, and objects in a system. The goal is to establish, maintain, modify and monitor digital identity, authentication, authorization, accounting and accounting through the access life cycle.
For this week, watch this video (closed captions are available):
You can learn more here: https://www.cisa.gov/safecom/icam-resources
Start by watching the video which is less than 23 minutes long.
Then post a summary and context of what you have learned. There are a series of keywords related to the current domain that I would like you to weave into your narrative and into your responses.
Dialogue back and forth at least 4 time on the content, using as many of the topics below as possible in context. Highlight each term in BOLD in your submission.
Your first post may be submitted tonight, but must be submitted no later than Thursday 29th. The more terms you use, the more likely your score will be high.
False acceptance rate (FAR)
False rejection rate (FRR)
Crossover error rate (CER)
HMAC-based one-time password algorithm (HOTP
Time-based one-time password algorithm (TOTP)
Password Authentication Protocols
PAP (Password Authentication Protocol)
CHAP (Challenge Handshake Authentication Protocol)
Federated Identity Management System
Single Sign-On (SSO)
Security Assertion Markup Language (SAML)
Kerberos Access-Control System
Lightweight Directory Access Protocol (LDAP)
Identity and Access Management as a Service (IDaaS)
Principles of least privilege:
Separation of duties:
Mandatory Access-Control Systems (MAC)
Discretionary Access Control
The Implicit Deny Principle
Role-Based Access Control Systems
Access Control Attacks
Rainbow table attacks
Social Engineering Attacks
Second, for the dialogue, I will submit it once anyone posts and you can reply to them.
Please let me know if you have any questions.