Identity & Access Management Flashcards
How to implement NIST, ESAE and Red Forest Cybersecurity Principles in Active Directory
To thwart attackers pursuing horizontal (lateral-movement) kill chains with pass-the-hash and related methods, Microsoft has delivered a reference architecture and other best practices that seek to isolate privileged credentials. Microsoft recommends a new security model, the Enhanced Security Admin Environment (ESAE), for holding the accounts that require additional security due to their privileged access to the production forest. ESAE is a special administrative forest, also known as a Red Forest, used to manage all privileged identities in AD, keeping them isolated from the production forest.
https://www.quest.com/community/blogs/b/microsoft-platform-management/posts/how-microsoft-red-forest-improves-active-directory-security
RBAC vs PBAC
https://blog.identityautomation.com/rbac-vs-abac-access-control-models-iam-explained
TOTP Authentication
TOTP stands for Time-based One-time Passwords and is a common form of Two-factor Authentication. Unique numeric passwords are generated with an algorithm that uses the current time as an input. The time-based passwords expire and therefore offer increased security for 2FA. TOTP is also known as a soft token.
What is the difference between OTP and TOTP?
Time-based One-time Password (TOTP) is a time-based OTP. The seed for TOTP is static, just like in HOTP, but the moving factor in a TOTP is time-based rather than counter-based. The amount of time in which each password is valid is called a timestep. As a rule, timesteps tend to be 30 seconds or 60 seconds in length.