CIS Critical Security Control 6: Access Control Management (v8)
This course is part of our series on the CIS Top 18 Critical Security Controls v8, and covers Control 6: Access Control Management. The primary objective of this control is to enable Multifactor Authentication (MFA) on a Linux server and define role-based access controls.

Course Content
This course helps learners prepare for industry certifications around the CIS Controls. These security controls can be combined with frameworks such as NIST SP 800-37 (the NIST Risk Management Framework, RMF) to provide organizations with defense-in-depth best practices.
CIS Critical Security Control 6: Access Control Management (v8) focuses on one of the most essential pillars of cybersecurity: ensuring the right people have the right access, at the right time, for the right reasons. Through real-world examples and practical guidance, your team will learn how to apply principles like least privilege, role-based access control, and timely deprovisioning to minimize attack surfaces.
By the end of all CIS Critical Security Controls (v8) courses, they’ll be equipped to build a more secure, compliant, and resilient access control program aligned with CIS best practices. Start learning today.














