Course Details

Previous Page


CISSP: Identity and Access Management


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Identity and access management is at the heart of security management and is key to the CISSP examination. Compromising identity is the main aim of most attacks on data confidentiality. In this course, you'll learn about physical and logical access control, the proper management of identity and identification of the identity lifecycle, and attacks to access control and their mitigation. You'll also learn about the design and components of network systems, how to implement secure systems, and how to mitigate common attacks. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Information Systems Security Professional (CISSP) exam.

Target Audience
Individuals interested in information systems security concepts, methodologies and best practices; candidates for the Certified Information Systems Security Professional (CISSP) exam

Prerequisites
None

Expected Duration (hours)
2.0

Lesson Objectives

CISSP: Identity and Access Management

  • start the course
  • describe methods to control access to information assets
  • describe methods to control access to computer systems
  • describe methods to control access to devices, including BYOD
  • describe methods to control physical access to buildings and facilities
  • identify implementations of identity management
  • describe authentication factors and the use of multifactor authentication in authentication systems
  • identify areas of accountability with respect to authentication, including session management tasks, such as locking workstations and setting screensaver timeouts
  • describe systems for registering identity and assuring identity with a level of certainty
  • describe credential management and federated authentication systems
  • describe cloud identity services, and the functioning of identity as a service
  • identify on-premises identity providers
  • describe delegated identity in the context of authentication systems
  • describe the functioning of role-based access control systems
  • describe the functioning of rule-based access control systems
  • identify discretionary and mandatory access controls
  • describe social engineering attacks related to access control
  • describe unauthorized physical access attacks
  • describe the use of malicious code or malware in access control attacks
  • describe mitigation strategies for access control attacks
  • describe the identity access lifecycle
  • describe the identity access lifecycle provisioning stage
  • describe the identity access lifecycle revoking access stage
  • describe regulatory considerations for identity and access control systems
  • identify best practice for identity and access management
  • describe identity and access control systems and best practice for access management
  • Course Number:
    sp_cisp_a07_it_enus