Time
9 hours 48 minutes
Difficulty
Intermediate
CEU/CPE
10

Video Transcription

00:00
All right, so we've identified. We've proven our identity
00:05
with multi factor authentication, right, because that's really what we need
00:10
next. Things to get authorized. What can I do? So this just a little illustration that individual users are authorized, perhaps based on their role within the organization, perhaps based on their region, perhaps based on any other set of potentials,
00:27
but they're authorized to access. Certain resource is,
00:30
I'll tell you, from again attesting standpoint, we 10 until they like this idea of access control. That's role based, role based access control and you'll see that is our back. And the reason for that is if you have permissions and rights associated with your role
00:49
and you moved to a new roll, those permissions and rights are following you,
00:54
right? So we we really reduce the issues with privilege creep,
00:59
and we have a more consistent set of rights and permissions. It makes account reviews easier, so we tend to like dealing with this from a role based, access control type environment
01:11
into one of many ways. You know, discretionary access control comes to us, you'll see it in the window's environment,
01:19
and that's just based on okay, you create an account that's your identity, and I'll sign whatever rolls and permissions you want.
01:25
So roll based access control has a stronger degree of administrative control. It's a more secure environment.

Up Next

Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor