Domain 5 Overview

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:01
>> Folks, look at us.
00:01
We are at Domain 5,
00:01
which means we're past the halfway point.
00:01
The remaining domains are
00:01
a little bit shorter in nature
00:01
because we've laid down so much groundwork
00:01
for everything we're going to do.
00:01
Domain 5 is identity and access management.
00:01
That really is made up of two sections,
00:01
identity management and access management.
00:01
We'll talk about the difference between the two.
00:01
Then we'll talk about
00:01
some common elements and
00:01
technologies that are going to help
00:01
us streamline our process of creating
00:01
user accounts and making sure only
00:01
the right people have the right
00:01
access at the right time.
00:01
The identity and access management topic as a whole.
00:01
You know I don't like to read from slides,
00:01
but I'm just going to give you this quote
00:01
because it comes from (ISC)²,
00:01
and I want us to consider that.
00:01
The role here is to focus on
00:01
harmonizing the provisioning of users
00:01
and managing access from
00:01
multiple systems with
00:01
different native access control systems.
00:01
That's a lot going on right there.
00:01
This idea of harmonizing,
00:01
having things work together,
00:01
orchestration and automation,
00:01
managing access from across multiple systems,
00:01
so we're not just talking about local login,
00:01
and honestly, we're not just talking about
00:01
logging in from a single domain.
00:01
We're talking about allowing credentials
00:01
to traverse domains regardless of what the platforms are.
00:01
Of course, that's going to require
00:01
some configuration and some setup,
00:01
and that's exactly what this domain is all about.
00:01
Like I said, we're going to focus
00:01
on identity management first.
00:01
When we say identity management,
00:01
what we're referring to is
00:01
creating an identity for our users.
00:01
It could be based on who they are,
00:01
I might have a Kelly H account,
00:01
could be based on my role within the organization,
00:01
I might have Trainer 1,
00:01
but the idea is this identity
00:01
is going to be tied to my login information,
00:01
my user account,
00:01
and I'm going to use that to
00:01
identify to resources throughout the network.
00:01
Now, once I identify,
00:01
here's where the access management piece comes
00:01
in because then I have to authenticate,
00:01
which is proving I am who I say I am,
00:01
then I get authorized.
00:01
Authorization is about being granted rights and
00:01
permissions to perform certain actions on the network.
00:01
Then accounting or auditing being the final stage here
00:01
where we're able to map actions to a specific user.
00:01
There are a lot of elements as you can see.
00:01
The little diagram that goes into these pieces.
00:01
This domain as I mentioned before,
00:01
we're going to start with identity management
00:01
which will allow us to create,
00:01
another word for creating is provisioning.
00:01
In the identity management piece,
00:01
we'll start out with identity proofing
00:01
and then move to account provisioning,
00:01
talk about the difference.
00:01
We'll move into authentication,
00:01
where like we said,
00:01
once a user identifies on the network,
00:01
they'll have to authenticate,
00:01
so we'll look at the three types of authentication,
00:01
and we'll talk about multi-factor authentication
00:01
being the strongest.
00:01
We'll also talk about a network
00:01
protocol called Kerberos,
00:01
network authentication protocol,
00:01
that allows me single sign-on within a domain.
00:01
When we want to have our login credential span domains
00:01
and continue single sign-on across domains,
00:01
we have to set up what we refer to as federated trusts
00:01
and create a trusting relationship
00:01
from one domain to the next.
00:01
That opens up a whole line
00:01
of resources that we can access through single sign-on.
00:01
Now, once I've proven I am who I say I am,
00:01
I get authorized,
00:01
and we'll be looking at access control models,
00:01
Discretionary Access Control,
00:01
Mandatory Access Control,
00:01
and Role-based Access Control,
00:01
and Attribute-based control.
00:01
We've got a lot of elements to look at there,
00:01
and then we'll talk about
00:01
enforcing that access control.
00:01
We'll talk about managing from central locations,
00:01
authorization, and making sure again,
00:01
that folks are authorized only for what they need.
00:01
We'll follow that principle of least privilege.
00:01
Now, we have auditing and accountability.
00:01
As a matter of fact, a lot of times when I
00:01
think of identity and access management,
00:01
I think of the I triple A,
00:01
identify, authenticate, authorize, and auditing,
00:01
which gives me accountability.
00:01
Then the last thing we'll mention
00:01
here is data emanation.
00:01
This is an attack on access control.
00:01
It's a way of bypassing access control
00:01
by analyzing the signal,
00:01
being able to glean information about the type of
00:01
information that's being processed or transmitted.
00:01
Let's just wrap up this overview,
00:01
where we talked about the I triple A,
00:01
and as we move forward into
00:01
the remaining sections, we'll get more.