CHAPTER 5

Identity and Access Management

This domain includes questions from the following topics:

•   Identification methods and technologies

•   Authentication methods, models, and technologies

•   Discretionary, mandatory, and nondiscretionary models

•   Accountability, monitoring, and auditing practices

•   Registration and proof of identity

•   Identity as a Service

•   Threats to access control practices and technologies

Controlling access to resources is a vital element of any information security program. Controlling who can access what and when helps protect information assets and company resources from unauthorized modification and disclosure. Thus, access controls address all three services in the AIC triad—availability, integrity, ...

Get CISSP Practice Exams, Fifth Edition, 5th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.