Chapter 5 Identity and Access Management (Domain 5)

  1. Which of the following is best described as an access control model that focuses on subjects and identifies the objects that each subject can access?

    1. An access control list
    2. An implicit denial list
    3. A capability table
    4. A rights management matrix
  2. Jim’s organization-wide implementation of IDaaS offers broad support for cloud-based applications. The existing infrastructure for Jim’s company does not use centralized identity services but uses Active Directory for AAA services. Which of the following choices is the best option to recommend to handle the company’s onsite identity needs?

    1. Integrate onsite systems using OAuth.
    2. Use an on-premise third-party identity service.
    3. Integrate onsite ...

Get CISSP Official (ISC)2 Practice Tests now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.