Identity Credential and Access Management Discussion & Responses

Description

Hello Ryan,

I have a discussion for this week.

First, you need to do the following,

The identity and access management domain of CISSP permits perspective into the roles, access privileges and permissions of users, subjects, and objects in a system. The goal is to establish, maintain, modify and monitor digital identity, authentication, authorization and accounting through the access life cycle.

For this week, watch this video (closed captions are available):

https://www.youtube.com/watch?v=B-gKozU6oiw

You can learn more here: https://www.cisa.gov/safecom/icam-resources

Start by watching the video which is less than 23 minutes long.

Then post a summary and context of what you have learned. There are a series of keywords related to the current domain that I would like you to weave into your narrative and into your responses.

Dialogue back and forth at least 4 times on the content, using as many of the topics below as possible in context. Highlight each term in BOLD in your submission.

Your first post may be submitted tonight, but must be submitted no later than Thursday 29th. The more terms you use, the more likely your score will be high.

Identification

Authentication

Authorization

Accounting

Auditing

Multi-Factor Authentication

Usernames

Access cards

Biometrics

False acceptance rate (FAR)

False rejection rate (FRR)

Crossover error rate (CER)

HMAC-based one-time password algorithm (HOTP)

Time-based one-time password algorithm (TOTP)

Password Authentication Protocols

PAP (Password Authentication Protocol)

CHAP (Challenge Handshake Authentication Protocol)

Federated Identity Management System

Single Sign-On (SSO)

Security Assertion Markup Language (SAML)

Trust transitivity:

RADIUS

TACACS+

Kerberos Access-Control System

Lightweight Directory Access Protocol (LDAP)

Identity and Access Management as a Service (IDaaS)

Certificates-Based Authentication

Principles of least privilege:

Separation of duties:

Job rotation

Mandatory vacation

Mandatory Access-Control Systems (MAC)

Discretionary Access Control

The Implicit Deny Principle

Role-Based Access Control Systems

Time-of-Day Restrictions

Access Control Attacks

Password Attacks

Dictionary attacks

Rainbow table attacks

Hybrid attacks

Social Engineering Attacks


Second, for the dialogue, I will submit it once anyone posts and you can reply to them.

Please let me know if you have any questions.


Explanation & Answer

Hello. Please find the document attached. We will handle the dialogues when we receive the posts.

Identity, Credential, and Access Management

Student’s First Name, Middle Initial(s), Last Name
Institutional Affiliation
Course Number and Name
Instructor’s Name and Title
Assignment Due Date

Summary
The tech talk “Identity, Credential and Access Management” provides insights into crucial cyber-security protocols organizations need to consider and implement to ensure the security and integrity of their systems from possible cyber-attack (CyberSecurity & Infrastructure Agency, n.d.). Basically, ICAM can be understood as a set of principles and practices that, if implemented fully, help to make sure that systems stay safe and secure (DHS Science and Technology Directorate, 2020). At a minimum level, ICAM can be understood as physical and cyber-security protocols that organizations need to implement to limit access and control of their computer network systems to a trusted group of authorized and authenticated users only. Systems can be secured using different types and sets of security protocols such as password authentication, personal identification numbers (PIN), username and user email, biometrics such as fingerprint or face recognition technologies, and so on.
With the threat of cyber-attacks such as ransomware attacks, distributed denial of service, brute force attacks, rainbow table attacks, hybrid attacks, dictionary attacks, and social engineering attacks, it has become important that organizations implement multi-factor authentication security protocols to limit the chances of the bad guys gaining entry. The increasing threat posed by cybercriminals has also uplifted the role of ICAM as a federated approach to dealing with cyber-security issues. At the heart of ICAM activities is the role played by first responders in dealing with ransomware attacks where hackers gain access and control of valuable data until a ransom is paid (DHS Science and Technology Directorate, 2020). When responding to a cyber-attack, first responders must always be validated and cleared by relevant bodies to ensure the integrity of valuable data and to promote trust creation. It's here that ICAM comes in. As an umbrella organization of more than 60,000 first responders, ICAM is tasked with providing the relevant policy, legal framework, and technology requ...
