CISSP: Identity and Access Management

(Controlling Access and Managing Identity)

You can start with

  • Provisioning
  • Managing identities
  • Access used with interaction of humans
  • Access used with Information systems
  • Disparate Information Systems
  • Between individual components of IS's
  • gaining unauthorized access to systems (Access Control)
  • gaining access to information (Confidentiality)

and Address:

  • Identification
  • Authentication
  • Authorization
  • of

    • Users
    • Systems
    • Services
  • Single
  • Multi-factor authentication
  • Accountability
  • Session Management
  • Registration
  • Proofing
  • Federated Identity management
  • Credential Management Systems

Followed by a small helping of:

  • Cloud based systems
  • Third party identity management systems

Every CISSP will be able to:

  • Implement authorization mechanisms
  • Manage authorization mechanisms
  • Role Based
  • Rule based
  • Mandatory Access Control
  • Discretionary Access Control

All while attacking these systems so don't forget you'll need to

  • Prevent attacks
  • Mitigate attacks

throughout its lifecycle

Course Content

Lessons Status

Leave Comment

Your email address will not be published. Required fields are marked *