Group Admins
The CDM Learning Community is designed to enhance cybersecurity risk management by fostering a CDM learning environment that increases Departments and Agencies awareness and knowledge about the CDM program and offer a place to exchange best practices for implementing and maintaining the CDM program.
-
Angelo Nappi joined the group
CDM Learning – Bits & Bytes 4 months, 3 weeks ago -
CDM Learning started the topic Types of CDM Containers in the forum
CDM Learning – Bits & Bytes 9 months agoWhat Are the Types of CDM Containers?
-
The Continuous Diagnostics and Mitigation (CDM) program uses two types of containers to group an agency’s information system policies and asset attributes. Organizational Unit (OU) Containers group organization-specific policies and attributes. Federal Information Security Modernization Act (FISMA) C…
-
CDM Learning started the topic What Are CDM Containers? in the forum
CDM Learning – Bits & Bytes 9 months, 1 week agoWhat Are CDM Containers?
-
In the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, containers are used to place all of an agency’s information technology assets into organized groupings. The container is one of CDM’s core design concepts.
For a given agency, CDM is concerned with any information techn…[Read more]
-
Elena Lauren joined the group
CDM Learning – Bits & Bytes 9 months, 2 weeks ago -
CDM Learning started the topic What Is the CDM Architecture? in the forum
CDM Learning – Bits & Bytes 9 months, 3 weeks agoWhat Is the CDM Architecture?
-
The Continuous Diagnostics and Mitigation (CDM) Architecture provides a comprehensive and consistent baseline architecture for the flow of CDM data and policies among agency networks, the agencies, and the federal level. Agencies can tailor their specific implementations of the Architecture to address specific…
-
CDM Learning started the topic How Do I Defend Against Common Threats to Credentials? in the forum
CDM Learning – Bits & Bytes 9 months, 4 weeks agoHow Do I Defend Against Common Threats to Credentials?
-
Attackers commonly try to steal usernames and passwords, or the files used to verify them, to penetrate federal systems. Multifactor authentication, especially the use of Personal Identity Verification (PIV) cards, reduces this risk by requiring users to log in with both physical and logical…
-
Sandra Graham joined the group
CDM Learning – Bits & Bytes 10 months ago -
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 10 months agoWhat is NIST Digital Identity Assurance?
The National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three lev…[Read more]
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 10 months agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 10 months agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic What is NIST Digital Identity Assurance? in the forum
CDM Learning – Bits & Bytes 10 months agoThe National Institute of Standards and Technology (NIST) Digital Identity Guidelines provide flexible requirements for agencies seeking to assure user identities on their networks. These guidelines describe three components of identity assurance—Identity, Authentication, and Federation—and three levels of sophistication in each component.
-
CDM Learning started the topic How Are Credentials Issued to Federal Users? in the forum
CDM Learning – Bits & Bytes 10 months, 1 week agoHow Are Credentials Issued to Federal Users?
A Credential Service Provider (CSP) gives a user a credential (e.g., user name) and an authenticator (e.g., password). To access resources, the user provides his or her credential and the authenticator. The CSP is used to validate, store, and maintain credentials and is the key for managing authorized…[Read more] -
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 10 months, 2 weeks agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more] -
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 10 months, 2 weeks agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more]
-
CDM Learning started the topic How Can You Strengthen Federal Government Security? in the forum
CDM Learning – Bits & Bytes 10 months, 2 weeks agoHow Can You Strengthen Federal Government Security?
The first goal of the Federal Identity, Credential, and Access Management (FICAM) initiative is to strengthen the Federal Government’s information and physical security. To meet it, agencies need to ensure access to resources to only those authorized; manage trusted identities; support c…[Read more]
-
CDM Learning started the topic What is FICAM? in the forum
CDM Learning – Bits & Bytes 10 months, 3 weeks agoWhat is FICAM?
The Federal Identity, Credential, and Access Management (FICAM) Program is the Federal Government’s implementation of Identity, Credential, and Access Management (ICAM). FICAM provides a common set of ICAM standards, best practices, and implementation guidance for federal agencies to better manage users and protect federal n…[Read more] -
CDM Learning started the topic How Are PDP and PEP Used for Access Control? in the forum
CDM Learning – Bits & Bytes 11 months agoHow Are PDP and PEP Used for Access Control?
To paraphrase NIST 800-162, access policies must be enforced through an access control mechanism (ACM), the logical component that receives the access request from the subject, makes the access decision, and then enforces it. The ACM often employs both a Policy Decision Point (PDP) and a Policy…[Read more] -
CDM Learning started the topic How Can I Best Manage Privileged Users? in the forum
CDM Learning – Bits & Bytes 11 months, 1 week agoHow Can I Best Manage Privileged Users?
According to the National Institute for Standards and Technology (NIST) Special Publication 800-53 Revision 4, Security Controls and Assessment Procedures for Federal Information Systems and Organizations, restricting privileged accounts only to specific personnel or roles, such as system administrators…[Read more] -
CDM Learning started the topic How Can I Best Manage Privileged Users? in the forum
CDM Learning – Bits & Bytes 11 months, 1 week agoAccording to the National Institute for Standards and Technology (NIST) Special Publication 800-53 Revision 4, Security Controls and Assessment Procedures for Federal Information Systems and Organizations, restricting privileged accounts only to specific personnel or roles, such as system administrators for various commercial off-the-shelf…[Read more]
-
CDM Learning started the topic How Can I Best Manage Privileged User? in the forum
CDM Learning – Bits & Bytes 11 months, 1 week agoAccording to the National Institute for Standards and Technology (NIST) Special Publication 800-53 Revision 4, Security Controls and Assessment Procedures for Federal Information Systems and Organizations, restricting privileged accounts only to specific personnel or roles, such as system administrators for various commercial off-the-shelf…[Read more]
- Load More
