IN THIS CHAPTER
Controlling access to information, systems, devices, and facilities
Managing identification and authentication techniques
Integrating identity and access management in the cloud and on-premises
Understanding data access control mechanisms
Defending against access control attacks
Managing the identity and access provisioning lifecycle
Identity and access management (IAM) is often the first — and sometimes the only — line of defense between adversaries and sensitive information. In fact, in the modern cloud era with ubiquitous mobile computing and anywhere, anytime access to applications and data, many security practitioners now refer to identity as “the new perimeter.” Security professionals must have a thorough understanding of the concepts and technologies involved. This domain represents 13 percent of the CISSP certification ...