Group Admins
The CDM Learning Community is designed to enhance cybersecurity risk management by fostering a CDM learning environment that increases Departments and Agencies awareness and knowledge about the CDM program and offer a place to exchange best practices for implementing and maintaining the CDM program.
-
Shikha joined the group
CDM Learning – Bits & Bytes 3 months ago -
Fidel Quintela joined the group
CDM Learning – Bits & Bytes 7 months ago -
Angelo Nappi joined the group
CDM Learning – Bits & Bytes 1 year, 8 months ago -
CDM Learning started the topic Types of CDM Containers in the forum
CDM Learning – Bits & Bytes 2 years agoWhat Are the Types of CDM Containers?
-
The Continuous Diagnostics and Mitigation (CDM) program uses two types of containers to group an agency’s information system policies and asset attributes. Organizational Unit (OU) Containers group organization-specific policies and attributes. Federal Information Security Modernization Act (FISMA) C…
-
CDM Learning started the topic What Are CDM Containers? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoWhat Are CDM Containers?
-
In the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, containers are used to place all of an agency’s information technology assets into organized groupings. The container is one of CDM’s core design concepts.
For a given agency, CDM is concerned with any information techn…[Read more]
-
Elena Lauren joined the group
CDM Learning – Bits & Bytes 2 years, 1 month ago -
CDM Learning started the topic What Is the CDM Architecture? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoWhat Is the CDM Architecture?
-
The Continuous Diagnostics and Mitigation (CDM) Architecture provides a comprehensive and consistent baseline architecture for the flow of CDM data and policies among agency networks, the agencies, and the federal level. Agencies can tailor their specific implementations of the Architecture to address specific…
-
CDM Learning started the topic How Do I Defend Against Common Threats to Credentials? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoHow Do I Defend Against Common Threats to Credentials?
-
Attackers commonly try to steal usernames and passwords, or the files used to verify them, to penetrate federal systems. Multifactor authentication, especially the use of Personal Identity Verification (PIV) cards, reduces this risk by requiring users to log in with both physical and logical…
-
Sandra Graham joined the group
CDM Learning – Bits & Bytes 2 years, 1 month ago -
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoWhat is NIST Digital Identity Assurance?
The National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three lev…[Read more]
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic How Are Credentials Issued to Federal Users? in the forum
CDM Learning – Bits & Bytes 2 years, 1 month agoHow Are Credentials Issued to Federal Users?
A Credential Service Provider (CSP) gives a user a credential (e.g., user name) and an authenticator (e.g., password). To access resources, the user provides his or her credential and the authenticator. The CSP is used to validate, store, and maintain credentials and is the key for managing authorized…[Read more] -
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more] -
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more]
-
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more]
-
CDM Learning started the topic What is FICAM? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoWhat is FICAM?
The Federal Identity, Credential, and Access Management (FICAM) Program is the Federal Government’s implementation of Identity, Credential, and Access Management (ICAM). FICAM provides a common set of ICAM standards, best practices, and implementation guidance for federal agencies to better manage users and protect federal n…[Read more] -
CDM Learning started the topic How Are PDP and PEP Used for Access Control? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoHow Are PDP and PEP Used for Access Control?
To paraphrase NIST 800-162, access policies must be enforced through an access control mechanism (ACM), the logical component that receives the access request from the subject, makes the access decision, and then enforces it. The ACM often employs both a Policy Decision Point (PDP) and a Policy…[Read more] -
CDM Learning started the topic How Can I Best Manage Privileged Users? in the forum
CDM Learning – Bits & Bytes 2 years, 2 months agoHow Can I Best Manage Privileged Users?
According to the National Institute for Standards and Technology (NIST) Special Publication 800-53 Revision 4, Security Controls and Assessment Procedures for Federal Information Systems and Organizations, restricting privileged accounts only to specific personnel or roles, such as system administrators…[Read more] - Load More
