Part 01 - Intro to ID

Video Activity

Welcome to Module 05 of the CISSP certification course at Cybrary.it! We kick off this module with a review and continuation of identity and access management. Access controls objectives are concerned with IAAA: Identification, Authentication, Authorization, and Accounting. We'll go into detail on these controls in the next section. For now, unders...

Join over 3 million cybersecurity professionals advancing their career

Sign up with

or

Already have an account? Sign In »

Course

Time

12 hours 41 minutes

Difficulty

Advanced

CEU/CPE

13

Video Description

Welcome to Module 05 of the CISSP certification course at Cybrary.it! We kick off this module with a review and continuation of identity and access management. Access controls objectives are concerned with IAAA: Identification, Authentication, Authorization, and Accounting. We'll go into detail on these controls in the next section. For now, understand that identification is a claim as to who you are and authentication is based on either something you know, something you have, or something you do. Authorization is concerned with what you're allowed to do and accounting is the process of auditing and tracking what you do. We then touch on single sign on. Its advantages as well as the risks associated with the freedom it provides. The video then concludes with mentioning topics that we'll be discussing in upcoming sections such as access control models, access control methods, access control administration, and data emanation.

Video Transcription

00:04

Okay, so let's take a look at this, uh, this domain and what we're gonna cover eso. We talked about the idea and the definition of identity and access management. So we're gonna really take a few minutes and get into the I triple A identification authentication authorization into counting

00:23

and within authentication. We're gonna talk about type one type to type three

00:28

authentication and also mentioned that many other

00:31

environments continue. Consider type three and type four. So type one something, you know, type to something you have type three bi metrics and then frequently type four and five something I do like, for instance, a, uh um,

00:49

a finger swiped. You know, a lot of the smartphones now, rather than having a code. Have you

00:54

do a certain pattern with your fingers? That's something I do and then some where you are is frequently associated, maybe with an I P address or a Mac address or even a phone number. So multiple types of authentication we've got authorization, which is spelled very, very badly. I just noticed

01:14

authorization is what I'm

01:17

allowed to do. And then accounting is all about accountability. Sometimes referred to his auditing, you know, tracking back my activities to a specific, uh, are striking activities back to a specific individual or department. Or however, that is, then we'll shift into talking about single sign on.

01:34

We'll talk about some access control models, Mac back and are back

01:38

Anne's method access control techniques and methodologies. Then we'll look at Central versus Decentralized Access Control Administration and wrap things up by examining Data Emanation. So that's a good chapter, a lot of good information in it, and we'll be starting with the eye Triple A in the next model.

Up Next

Part 02 - Defining Identity and Access Management

Part 03 - Core Security Requirements

Part 04 - Access Control Models

Part 05 - Authentication TYPE I

Part 06 - Authentication TYPE II

ISC2 CISSP

Our free online CISSP (8 domains) training covers topics ranging from operations security, telecommunications, network and internet security, access control systems and methodology and business continuity planning.

Instructed By

Kelly Handerhan

Kelly Handerhan

Senior Instructor