Security+ Domain 4.0: Identity and Access Management: Chapter 19

  1. Security+ Certification
  2. Security+: Definitions and Catchwords
  3. Security+ Domain 1.0: Threats, Attacks and Vulnerabilities
  4. Security+ Domain 2.0: Technologies and Tools, Chapter 6
  5. Security+ Domain 2.0: Technologies and Tools, Chapter 7
  6. Security+ Domain 2.0: Technologies and Tools, Chapter 8
  7. Security+ Domain 2.0: Technologies and Tools, Chapter 9
  8. Security+ Domain 2.0: Technologies and Tools, Chapter 10
  9. Security+ Domain 3.0: Architecture and Design: Chapter 11
  10. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12
  11. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12 cont’d
  12. Security+ Domain 3.0: Architecture and Design: Chapter 13: Embedded Systems
  13. Security+ Domain 3.0: Architecture and Design: Chapter 14: Application Development
  14. Security+ Domain 3.0: Architecture and Design: Chapter 15: Cloud and Virtualization
  15. Security+ Domain 3.0: Architecture and Design: Chapter 16: Resiliency and Automation
  16. Security+ Domain 3.0: Architecture and Design: Chapter 17: Physical Security
  17. Security+ Domain 4.0: Identity and Access Management: Chapter 18
  18. Security+ Domain 4.0: Identity and Access Management: Chapter 19
  19. Security+ Domain 4.0: Identity and Access Management: Chapter 20
  20. Security+ Domain 5.0: Risk Management: Chapter 21
  21. Security+ Domain 5.0: Risk Management: Chapter 22
  22. Security+ : Sample Questions
  23. Security+ Domain 5.0: Risk Management: Chapter 23
  24. bastion.inf
  25. Security+ Domain 5.0: Risk Management: Chapter 24
  26. Security+ Domain 5.0: Risk Management: Chapter 25
  27. Security+ Domain 5.0: Risk Management: Chapter 26
  28. Security+ Domain 5.0: Risk Management: Chapter 27
  29. Security+ Domain 5.0: Risk Management: Chapter 28
  30. Security+ Domain 5.0: Risk Management: Chapter 29
  31. Security+: My Favorite Free Tools

Chapter 19: Identity and Access Services

Windows Authentication

LM

NTLM

NTLMv2

Kerberos

LDAP (X.500)

X.500 is the formal name for Directory Access Protocol, or DAP. This was developed my the DoD and shared with the open-source community via a Freedom of Information Act request, becoming LDAP, or Lightweight DAP. And LDAP consists of:

Key Distribution Center (a service on port 88)

Authentication Service

Ticket Granting Service

Key Distribution Center (KDC)

The KDC uses Kerberos for key distribution.

Kerberos

Kerberos is single sign-on. There are lots of details to it, and you should have seen the video in the previous lesson from CBT Nuggets. Here is Professor Messer’s take on it, which offers some different details.

Remote Access

PAP

CHAP

MSCHAPv2

RADIUS and TACACS+

Authentication

Authorization

Accounting

TACACS+ and RADIUS

Terminal Access Controller / Access Control System Plus is a Cisco protocol similar to RADIUS, if you’re familiar with that. It’s a remote-access protocol that gives you pass-through to an internal authentication server, like AD.

Open Authorization Standards

SAML

OpenID Connect

OAUTH

Shibboleth