Home > Articles > Access Management

Access Management

Chapter Description

In this sample chapter from Cisco Certified Support Technician (CCST) Cybersecurity 100-160 Official Cert Guide, you will learn how to provide an access management solution using the AAA framework, which outlines the best practices you need to consider when it comes to authentication, authorization, and accounting. This chapter covers CCST exam objective 1.3.

Introduction to AAA

key_topic.jpg

AAA, which is pronounced “triple A” and stands for authentication, authorization, and accounting, is a framework. A framework is a real or conceptual structure intended to serve as a support or guide for the building of something that expands the structure into something useful. The AAA framework is a guide that helps you build the controls needed to access computing resources, enforce policies, and audit usage. AAA plays a very important role in security.

Authentication is about verifying the identity of those who access your systems and data. Therefore, without authentication, you can’t control access to your data, and so you can’t protect confidentiality, integrity, and availability (CIA). Authorization is about controlling what can be done to your systems and data. Therefore, without authorization, you can’t control what can be done with your data, and so you can’t protect CIA. Accounting is about recording everything that is happening to your systems and data. Therefore, without accounting, you can’t keep track of the who, what, where, when, why, and how of your data, and so you can’t protect CIA.

As you can see, without AAA, it is impossible to meet the CIA needs of your organization.

3. Authentication | Next Section Previous Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.