Think Positive Cyber

Today I studied Identity and Access Management (IAM) for CompTIA Security+ SY0-701 (Objective 4.6) with Professor Messer, and I learned how critical access control is in modern cybersecurity. Applications run on desktops, browsers, and mobile devices, while data lives in cloud storage and private data centers. IAM ensures the right users—employees, vendors, contractors, and customers—receive the correct permissions at the right time and that access is removed during offboarding. Authentication methods like passwords and biometrics are logged for compliance, and systems like VPNs rely on AAA servers to verify credentials before granting access.

I also learned how technologies like Single Sign-On (SSO), LDAP, and the X.500 directory structure organize identities in hierarchical trees such as Active Directory. I studied SAML for web-based authentication and OAuth for authorization between applications, along with federation and interoperability across APIs and authentication servers. These identity security concepts are foundational for both the Security+ exam and real-world cybersecurity roles.

As I continue my cybersecurity journey and prepare for Security+, I’m also planning to hike most of Cowles Mountain in San Diego on 2/18/2026—building discipline both mentally and physically.