CarlsCloud™ Demystifying CISSP Domain 5: Identity and Access Management

Know discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC) and attribute-based access control (ABAC).

9 months ago   •   2 min read

By Carl Ballenger, CISSP

Domain 5: Identity and Access Management

... of the CISSP exam focuses on identity and access management.

This domain covers managing user identities and controlling access to resources.

For candidates, the wide range of technologies and best practices in this domain can be challenging to understand.

In my previous article, CarlsCloud™ Demystifying CISSP Domain 4: Communications and Network Security, I gave my recommendations for FREE CISSP Domain 4 YouTube video resources such as Pete Zerger's Inside Cloud Security Exam Cram, along with other excellent CISSP exam resources. I suggest going through his video content as it is an incredibly useful FREE CISSP resource which I have personally used extensively for CISSP exam study and review purposes.

In this article, CarlsCloud™ Demystifying CISSP Domain 5: Identity and Access Management, I will provide an overview of the key topics and recommendations for resources to help you prepare and be successful.

4:57:02 : Domain 5: Identity and Access Management


Access control models

Know discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC) and attribute-based access control (ABAC). Understand how each model controls access and the pros/cons. Resources: Kelly Handerhan’s “Access Control Models” video and the CISSP Study Guide.
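To make the differences between the four models concrete, here is a small added example (not code from CarlsCloud or any CISSP study guide) that evaluates one access request under DAC, MAC, RBAC and ABAC side by side. The users, resource, labels, roles and the ABAC rule are all constructed sample data; the point is who makes the decision in each model: the owner (DAC), the label policy (MAC), the role assignment (RBAC), or a rule over attributes (ABAC).

```python
# Added example: toy policy engine comparing DAC, MAC, RBAC and ABAC.
# All users, resources, labels and policies here are constructed sample data.
from dataclasses import dataclass, field

# MAC labels are assigned by policy; a higher number means more sensitive.
LEVELS = {"public": 0, "internal": 1, "secret": 2}
# RBAC: permissions are attached to roles, never to individual users.
ROLE_PERMS = {"analyst": {"read"}, "editor": {"read", "write"}}

@dataclass
class User:
    name: str
    clearance: str                             # MAC attribute
    roles: set = field(default_factory=set)    # RBAC
    attrs: dict = field(default_factory=dict)  # ABAC (dept, hour, ...)

@dataclass
class Resource:
    name: str
    owner: str                                 # DAC: the owner controls the ACL
    classification: str                        # MAC label
    acl: dict = field(default_factory=dict)    # {user: {perms}} granted by owner
    attrs: dict = field(default_factory=dict)  # ABAC (dept, ...)

def dac_allows(user, res, perm):
    """Discretionary: the owner has all rights and grants others via the ACL."""
    return user.name == res.owner or perm in res.acl.get(user.name, set())

def mac_allows(user, res, perm):
    """Mandatory (Bell-LaPadula style): no read up, no write down.
    The owner cannot override this; only the label policy decides."""
    subj, obj = LEVELS[user.clearance], LEVELS[res.classification]
    return subj >= obj if perm == "read" else subj <= obj

def rbac_allows(user, res, perm):
    """Role-based: the resource is irrelevant; only the user's roles matter."""
    return any(perm in ROLE_PERMS.get(r, set()) for r in user.roles)

def abac_allows(user, res, perm):
    """Attribute-based: a policy over subject, object and environment attributes.
    Constructed rule: same department and request made between 08:00 and 17:59."""
    return (user.attrs.get("dept") == res.attrs.get("dept")
            and 8 <= user.attrs.get("hour", -1) < 18)

def decide(user, res, perm):
    """Evaluate one request under all four models; returns {model: bool}."""
    return {"DAC": dac_allows(user, res, perm), "MAC": mac_allows(user, res, perm),
            "RBAC": rbac_allows(user, res, perm), "ABAC": abac_allows(user, res, perm)}
```

Running the same request through `decide` for an owner with a low clearance and for a non-owner with a high clearance shows that the models can disagree on the same request, which is exactly the pros/cons trade-off the exam expects you to reason about.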

Authentication and Identification

Review common authentication methods such as passwords, tokens and biometrics, along with multi-factor authentication. Understand account provisioning, deprovisioning and segregation of duties. Resources: Pluralsight’s “Authentication and Authorization” course and the YouTube channel “IT Dojo.”

Federation and SSO

Learn how identity federation and single sign-on (SSO) work to provide access across systems. Know SAML, OpenID Connect, OAuth and FIDO standards. Resources: Udemy’s “Learn About Single Sign-On Solutions” course and Skillset’s CISSP certification course.

Account Types and Characteristics

Be familiar with common account types (user, shared, application, system) along with transient and persistent accounts. Know attributes like disabled, locked and expired accounts. Resources: (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide.

Provisioning and Account Reviews

Understand the account lifecycle including provisioning, privilege creep, dormant accounts and deprovisioning. Know best practices for account certification, attestation and termination. Resources: Sybex’s CISSP: Certified Information Systems Security Professional Study Guide.

Like the other domains, focus on understanding concepts and connections between topics. Watch overview videos, study diagrams and complete plenty of practice questions. With dedication, you can absolutely master the identity and access management domain and pass the CISSP!
