CISSP Cert Prep (2021): 5 Identity and Access Management
2h 17mAdvanced2021-03-12
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
Are you getting ready for the Certified Information Systems Security Professional (CISSP) exam, or perhaps an experienced information security professional who wants to learn more about identity and access management? In this course, instructor Mike Chapple provides you with the detailed information you need to prepare for the Identify and Access Management domain of the 2021 CISSP exam. Mike begins by explaining identification, including usernames, access cards, biometrics, and more. He explains authentication factors, multifactor authentication, and password authentication protocols, then goes into access control systems and authentication services. Mike covers how to manage sessions and a variety of account types and roles. He helps you understand authorization and the controls you may use to manage authorizations. In closing, Mike goes over different access control attacks you may encounter and how these attacks work.
Skills covered
Identity and Access ManagementCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Identity and access management
- 02 - What you need to know
- 03 - Study resources
1. Identification
- 04 - Identification, authentication, and authorization
- 05 - Usernames and access cards
- 06 - Biometrics
- 07 - Registration and identity proofing
2. Authentication
- 08 - Authentication factors
- 09 - Multifactor authentication
- 10 - Something you have
- 11 - Password authentication protocols
- 12 - Single sign-on and federation
- 13 - RADIUS and TACACS
- 14 - Kerberos and LDAP
- 15 - SAML
- 16 - Identity as a service (IDaaS)
- 17 - OAuth and OpenID Connect
- 18 - Certificate-based authentication
3. Accountability
- 19 - Accountability
- 20 - Session management
4. Account Management
- 21 - Understand account and privilege management
- 22 - Account types
- 23 - Account policies
- 24 - Password policies
- 25 - Manage roles
- 26 - Account monitoring
- 27 - Privileged access management
- 28 - Provisioning and deprovisioning
5. Authorization
- 29 - Understand authorization
- 30 - Mandatory access controls
- 31 - Discretionary access controls
- 32 - Access control lists
- 33 - Database access control
- 34 - Advanced authorization concepts
6. Access Control Attacks
- 35 - Social engineering
- 36 - Impersonation attacks
- 37 - Identity fraud and pretexting
- 38 - Watering hole attacks
- 39 - Physical social engineering
Conclusion
- 40 - Continuing your preparation
Related courses
- CISSP Cert Prep (2021): 3 Security Architecture and Engineering
- CISSP Cert Prep (2021): 1 Security and Risk Management
- CISSP Cert Prep (2021): 2 Asset Security
- CISSP Cert Prep (2021): 6 Security Assessment and Testing
- CISSP Cert Prep (2021): 4 Communication and Network Security
- CISSP Cert Prep (2021): 7 Security Operations
- CISSP Cert Prep (2021): The Basics
- CISSP Cert Prep (2021): 8 Software Development Security