Identity and Access Management

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

CRISC
Course
Time
8 hours 25 minutes
Difficulty
Intermediate
Video Transcription
00:00
>> The Identity and Access Management topic as a whole.
00:00
You know I don't like to read from slides,
00:00
but I'm just going to give you this
00:00
quote because it comes from
00:00
ISC square and I want us to consider that.
00:00
The role here is to focus on
00:00
harmonizing the provisioning of users
00:00
and managing access from
00:00
multiple systems with
00:00
different native access control systems.
00:00
That's a lot going on right
00:00
there so this idea of harmonizing,
00:00
having things work together,
00:00
orchestration and automation,
00:00
managing access from across multiple systems.
00:00
We're not just talking about local login and honestly,
00:00
we're not just talking about
00:00
logging in from a single domain.
00:00
We're talking about allowing credentials
00:00
to traverse domains regardless of what the platforms are.
00:00
Of course, that's going to require
00:00
some configuration and some setup,
00:00
and that's exactly what this domain is all about.
00:00
Like I said, we're going to focus
00:00
on identity management first.
00:00
When we say identity management,
00:00
what we're referring to is
00:00
creating an identity for our users.
00:00
That identity could be based on who they are.
00:00
I might have a Kelly H account,
00:00
could be based on my role within the organization.
00:00
I might have Trainer 1.
00:00
But the idea is this identity
00:00
is going to be tied to my login information,
00:00
my user account and I'm going to use
00:00
that to identify two resources throughout the network.
00:00
Now once I identify,
00:00
here's where the access management piece comes in.
00:00
Because then I have to authenticate,
00:00
which is prove I am who I say I am.
00:00
I have to authenticate,
00:00
which is who I am, proving it.
00:00
I am who I say I am,
00:00
then I get authorized and authorization is about being
00:00
granted rights and permissions
00:00
to perform certain actions on the network,
00:00
and then accounting or
00:00
auditing being the final stage here,
00:00
where I am able or we're
00:00
able to map actions to a specific user.
00:00
There are a lot of elements, as you can see,
00:00
the little diagram that goes into these pieces.
Up Next
View All
Instructed By
Kelly Handerhan

Kelly Handerhan

Senior Instructor
Similar Content
Linux Hardening
Course
Linux Hardening
Are you a Linux systems administrator seeking to learn the best practices for securing your ...
12CEUs
ISACA Certified in Risk and Information Systems Control (CRISC)
Practice Test
ISACA Certified in Risk and Information Systems Control (CRISC)
Demonstrate your expertise in identifying and managing IT risk within an enterprise and in implementing ...
IoT Product Security
Course
IoT Product Security
4.67
As with the regular Internet, the Internet of Things (IoT) is increasingly targeted in malicious ...
8CEUs