Mike Chapple

(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide



| Objective | Chapter |
| --- | --- |
| Systems | 13 |
| 5.1.3 Devices | 13 |
| 5.1.4 Facilities | 13 |
| 5.1.5 Applications | 13 |
| 5.2 Manage identification and authentication of people, devices, and services | 13 |
| 5.2.1 Identity Management (IdM) implementation | 13 |
| 5.2.2 Single/multi-factor authentication (MFA) | 13 |
| 5.2.3 Accountability | 13 |
| 5.2.4 Session management | 13 |
| 5.2.5 Registration, proofing, and establishment of identity | 13 |
| 5.2.6 Federated Identity Management (FIM) | 13 |
| 5.2.7 Credential management systems | 13 |
| 5.2.8 Single Sign On (SSO) | 13 |
| 5.2.9 Just-In-Time (JIT) | 13 |
| 5.3 Federated identity with a third-party service | 13 |
| 5.3.1 On-premise | 13 |
| 5.3.2 Cloud | 13 |
| 5.3.3 Hybrid | 13 |
| 5.4 Implement and manage authorization mechanisms | 14 |
| 5.4.1 Role Based Access Control (RBAC) | 14 |
| 5.4.2 Rule based access control | 14 |
| 5.4.3 Mandatory Access Control (MAC) | 14 |
| 5.4.4 Discretionary Access Control (DAC) | 14 |
| 5.4.5 Attribute Based Access Control (ABAC) | 14 |
| 5.4.6 Risk based access control | 14 |
| 5.5 Manage the identity and access provisioning lifecycle | 13, 14 |
| 5.5.1 Account access review (e.g., user, system, service) | 13 |
| 5.5.2 Provisioning and deprovisioning (e.g., on/off boarding and transfers) | 13 |
| 5.5.3 Role definition (e.g., people assigned to new roles) | 13 |
| 5.5.4 Privilege escalation (e.g., managed service accounts, use of sudo, minimizing its use) | 14 |
| 5.6 Implement authentication systems | 14 |
| 5.6.1 OpenID Connect (OIDC)/Open Authorization (OAuth) | 14 |