11. Day 11 – Identity and Access Management - Identity Management
by M. L. Srinivasan
CISSP in 21 Days - Second Edition
- CISSP in 21 Days Second Edition
- CISSP in 21 Days Second Edition
- Credits
- About the Author
- About the Reviewer
- www.PacktPub.com
- Preface
- 1. Day 1 – Security and Risk Management - Security, Compliance, and Policies
- 2. Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education
- 3. Day 3 – Asset Security - Information and Asset Classification
- 4. Day 4 – Asset Security - Data Security Controls and Handling
- 5. Day 5 – Exam Cram and Practice Questions
- 6. Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation
- 7. Day 7 – Security Engineering - Cryptography
- 8. Day 8 – Communication and Network Security - Network Security
- An overview of communication and network security
- Network architecture, protocols, and technologies
- Open System Interconnect (OSI) model
- OSI layers and security
- Application layer protocols and security
- Presentation layer protocols and security
- Summary
- Sample questions
- 9. Day 9 – Communication and Network Security - Communication Security
- An overview of communication security
- Security in communication channels
- Attacks on communication networks
- Preventing or mitigating communication network attacks
- Summary
- Sample questions
- 10. Day 10 – Exam Cram and Practice Questions
- 11. Day 11 – Identity and Access Management - Identity Management
- 12. Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks
- 13. Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests
- An overview of security assessment and testing
- Security assessment and test strategies
- Security controls
- Summary
- Sample questions
- 14. Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting
- 15. Day 15 – Exam Cram and Practice Questions
- 16. Day 16 – Security Operations - Foundational Concepts
- An overview of operations security
- The physical security design
- Physical and operations security controls
- Operations/facility security
- Protecting and securing equipment
- Computer investigations
- Summary
- Sample questions
- 17. Day 17 – Security Operations - Incident Management and Disaster Recovery
- 18. Day 18 – Software Development Security - Security in Software Development Life Cycle
- 19. Day 19 – Software Development Security - Assessing effectiveness of Software Security
- 20. Day 20 – Exam Cram and Practice Questions
- 21. Day 21 – Exam Cram and Mock Test
This chapter covers provisioning and managing identities, and the access used in the interaction between humans and information systems. The core concepts of identification, authentication, authorization and accountability are covered in detail here. Concepts related to identity as a service or cloud based third-party identity services are covered; and security requirements in such services are covered with illustration.
A candidate for the CISSP exam is expected to have foundational concepts and knowledge in the following key areas of the identity and access management domain:
- Physical and logical access to assets
- Identity management principles and implementation
- Identity as a service
- Third-party identity services
- Access management
- Authorization mechanisms
- The identity and provisioning life cycle
- Preventing or mitigating access control attacks
An asset, such as data, is accessed through systems and applications. Similarly, access to facilities such as data centers and operational areas are facilitated through access control mechanisms. Hence, physical or logical access to assets needs to establish the identity of the person or process scripts before determining the access permission.
Observe the following illustration. Users need access to data or physical facilities. Similarly, scripts or programs need access to data for processing and execution. Essentially, one type of asset needs access to another type of asset. The overall process of facilitating and managing identities of such assets, and controlling access while ensuring information security, is termed as Identity and Access Management (IAM):
In this module you will understand the following:
- Physical and logical access to assets and security controls
- Identification and authentication
- Managing people to device interactions
- Integrating identity as a service and third-party identity services
-
No Comment