LDAP (Lightweight Directory Access Protocol) is an open protocol for accessing directory services. Directory services store information about users, groups, devices, and other network resources in a hierarchical structure. LDAP is commonly used for centralized authentication and authorization, often in combination with Active Directory or OpenLDAP. For your ISMS, secure LDAP configuration is important: use LDAPS (LDAP over TLS) or StartTLS to prevent credentials from being transmitted in plain text. Restrict LDAP queries to the minimum necessary attributes and monitor unusual query patterns, as LDAP enumeration is a common reconnaissance step in attacks.