Overview/Description
Identity and access management is at the heart of security management and is key to the CISSP examination. Compromising identity is the main aim of most attacks on data confidentiality. In this course, you'll learn about physical and logical access control, the proper management of identity and identification of the identity lifecycle, and attacks to access control and their mitigation. You'll also learn about the design and components of network systems, how to implement secure systems, and how to mitigate common attacks. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Information Systems Security Professional (CISSP) exam.
Target Audience
Individuals interested in information systems security concepts, methodologies and best practices; candidates for the Certified Information Systems Security Professional (CISSP) exam
describe methods to control access to information assets
describe methods to control access to computer systems
describe methods to control access to devices, including BYOD
describe methods to control physical access to buildings and facilities
identify implementations of identity management
describe authentication factors and the use of multifactor authentication in authentication systems
identify areas of accountability with respect to authentication, including session management tasks, such as locking workstations and setting screensaver timeouts
describe systems for registering identity and assuring identity with a level of certainty
describe credential management and federated authentication systems
describe cloud identity services, and the functioning of identity as a service
identify on-premises identity providers
describe delegated identity in the context of authentication systems
describe the functioning of role-based access control systems
describe the functioning of rule-based access control systems
identify discretionary and mandatory access controls
describe social engineering attacks related to access control
describe unauthorized physical access attacks
describe the use of malicious code or malware in access control attacks
describe mitigation strategies for access control attacks
describe the identity access lifecycle
describe the identity access lifecycle provisioning stage
describe the identity access lifecycle revoking access stage
describe regulatory considerations for identity and access control systems
identify best practice for identity and access management
describe identity and access control systems and best practice for access management