CISSP Cert Prep - 5 Identity and Access Management
Prepare for the CISSP exam while you learn industry best practices for identity and access management (IAM). IAM is covered in the fifth domain of the exam, and comprises 13% of the test questions for the highly prized IT security certification. This course includes coverage of the core components of IAM: identification, authentication, authorization, and accountability. Learn how to control both the physical and logical access to your hardware, information systems, and data. Instructor Mike Chapple, the author of our nine-part CISSP test prep series, also covers credential management, external identity management, and prevention and mitigation of access control attacks. Members who take all eight courses in the series will be prepared to take the CISSP exam.
Topics include:
Identity and access management overview
Identification mechanisms: user names, access cards, biometrics, and registration
Authentication factors
Password authentication protocols
Identity as a service (IDaaS)
Enforcing accountability
Managing credentials with policies
Using access control lists
Defending against access control attacks
Introduction
|
|
|
||
|
01. Introduction
|
02. What_you_need_to_know
|
2 - 1._Identity_and_Access_Management
|
|
|
||
|
03. Identity_and_access_management
|
04. Identification_authentication_and_authorization
|
3 - 2._Identification
|
|
|
|
|
|
05. Usernames_and_access_cards
|
06. Biometrics
|
07. Registration_and_identity_proofing
|
4 - 3._Authentication
|
|
|
|
|
|
08. Authentication_factors
|
09. Multi-factor_authentication
|
10. Something_you_have
|
11. Password_authentication_protocols
|
|
|
|
|
|
|
12. SSO_and_federation
|
13. RADIUS_and_TACACS
|
14. Kerberos_and_LDAP
|
15. SAML
|
|
|
|
|
|
|
16. Identity_as_a_service_IDaaS
|
17. OAuth_and_OpenID_Connect
|
18. Certificate-based_authentication
|
5 - 4._Accountability
|
|
|
||
|
19. Understanding_accountability
|
20. Session_management
|
6 - 5._Credential_Management
|
|
|
|
|
|
21. Understanding_account_and_privilege_management
|
22. Account_policies
|
23. Password_policies
|
24. Manage_roles
|
|
|
|
||
|
25. Account_monitoring
|
26. Provisioning_and_deprovisioning
|
7 - 6._Authorization
|
|
|
|
|
|
27. Understanding_authorization
|
28. Mandatory_access_controls
|
29. Discretionary_access_controls
|
30. Access_control_lists
|
|
|
|
||
|
31. Database_access_control
|
32. Advanced_authorization_concepts
|