Identitätszugriffsverwaltung & Sicherheitsbewertung und -tests
Preis: $109.99
Willkommen zu diesem Kurs: CISSP Certification Domain 5 & 6: Identitäts- und Zugriffsverwaltung & Sicherheitsbewertung und -tests. Access is one of the most exploited aspects of security because it is the gateway that leads to critical assets. This course covers provisioning and managing identities, and the access used in the interaction between humans and information systems. Access controls need to be applied in a layered defense-indepth method, and an understanding of how these controls are exploited is extremely important. The core concepts of identification, Authentifizierung, authorization and accountability are covered in detail here. In diesem Kurs, we will explore access control conceptually and then dig into the technologies the industry puts in place to enforce these concepts. We will also look at the common methods the bad guys use to attack these technologies. This course also covers some of the most important elements of security assessments and testing. It is divided into five sections. We start by discussing audit strategies, particularly the pros and cons of using our own internal auditors or bringing in external contractors. We then move on to approaches to testing our technical security controls. The third major section deals with testing our administrative controls, which are mostly implemented through polices. Endlich, after we have enough empirical data to assess our posture, we discuss how to report our findings and how those findings play into the executive decision making within the organization.
In diesem Kurs, du wirst lernen:
-
Control physical and logical access to assets
-
Manage identification and authentication of people, Geräte, und Dienstleistungen
-
Integrate identity as a third-party service
-
Implement and manage authorization mechanisms
-
Manage the identity and access provisioning lifecycle
-
Design and validate assessment, Prüfung, and audit strategies
-
Conduct security control testing
-
Collect security process data (z.B., technical and administrative)
-
Analyze test output and generate report
-
Conduct or facilitate security audits
Hinterlasse eine Antwort
Sie müssen Anmeldung oder registrieren um einen neuen Kommentar hinzuzufügen .