JDISE Tech Cheatsheet Cheat Sheet (DRAFT) by badgirlmona

SSO -Singl­e-Sign On: SAML enables SSO; using one set of creden­tials

OAuth (Open-­sta­ndard author­ization protocol)
- provides apps the ability for "secure designated access"
- Ex. Like giving ESPN access to post on and access your profile without giving up your password
- In the even that ESPN is breached, your Facebook is safe
- OAuth uses API calls extens­ively

SAML (Security Assertion Markup Language)
-is an open standard that allows identity providers (IdP) to pass author­ization creden­tials to service providers (SP)
-Basically you can use one set of creds to log into many different websites.
-Drops a session cookie in a browser that allows a user to access certain web page. Great for short-­lived work days.

CIMS (Coord­inated Incident Management System)
-response tools
-Situation report
-Action plan
-Resource request
-Incident report
EUA???????

RBAC (Role-­Based Access Control)
-users are granted access to resources based on their role in the company
-Aid with the principle of least privilege
-TALK ABOUT ENTITL­EMENTS AND THE PRIVILEGES MAPPED TO POWERBI AND DEVOPS

What is a threat, vulner­abi­lity, exploit, and mitiga­tion?

Vulner­abi­lity: Weak point of the network that can compromise the security of the network

Exploit: Refers to a tool that can be used to find a vulner­ability in a network

Threat: Refers to a person or a program that uses exploits and vulner­abi­lities to break into the network

Mitigation Technique: Refers to a tool or a technique that can be used to protect the network or weak points of the network