This course is an overview of the Identity and Access Management objective for the CISSP®, which includes the threats, theories, and concepts that are part of managing access to a diverse set of technologies and systems.
Access controls lie at the very heart of an information security program. After all, information security is all about access control - who can get on our systems, networks, and our buildings and what can they do when they gain access? In this course, CISSP® - Identity and Access Management, you'll learn about the concepts and theory of identity and access management. Next, you'll learn about mandatory and discretionary access control along with types of controls and related risk. Finally, you'll learn about access control attacks. By the end of this course, you'll have an understanding of identity and access management and be able to approach these areas in the CISSP® examination with confidence.
Kevin Henry is a passionate mentor and educator in the fields of information security and audit. Mixing experience with knowledge, Kevin delivers effective training programs for companies and individuals worldwide. A frequent speaker at prestigious conferences, Kevin is known for a clear understandable manner of imparting practical information and explaining difficult topics.
Hi everyone, my name is Kevin Henry, a security and risk consultant and a holder of the CISSP certification. Welcome to my course on Identity and Access Management – one of the eight domains that make up the CISSP examination. This course is an overview of Identity and Access Management – including the threats, theories and concepts that are part of managing access to a diverse set of technologies and systems. This course will help you prepare for (ISC)2’s CISSP (Certified Information Systems Security Professional) Examination.
I work in Outreach as a Security Evangelist at Team Cymru and I have been involved in the development of the CISSP for many years including nearly a decade as the Vice President of Education at ISC2.
Access Controls lie at the very heart of an Information Security program. After all, in the end, Information security is all about access control – who can get on our systems, networks and into our buildings – and what can they do when they gain access? We need to build resilient and robust access control systems that will withstand attacks and prevent compromise – whether those attacks come form external or internal sources.
Some of the major topics that we will cover include:
The concepts and theory of identity and access management
Mandatory and Discretionary Access Control
Types of controls and related risk
Access Control attacks
By the end this course, you’ll have an understanding of Identity and access management and be able to approach these areas in the CISSP examination with confidence.
From here, you should feel comfortable diving into the rest of the domains of the CISSP.
I hope you’ll join me on this journey to learn about Identity and Access Management with this essential part of the CISSP course, at Pluralsight.