Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

CISSP Cert Prep: 5 Identity and Access Management

via LinkedIn Learning


Study for CISSP certification while you learn industry best practices for identity and access management (IAM).

Prepare for the CISSP exam while you learn industry best practices for identity and access management (IAM). IAM is covered in the fifth domain of the exam, and comprises 13% of the test questions for the highly prized IT security certification. This course includes coverage of the core components of IAM: identification, authentication, authorization, and accountability. Learn how to control both the physical and logical access to your hardware, information systems, and data. Instructor Mike Chapple, the author of our nine-part CISSP test prep series, also covers credential management, external identity management, and prevention and mitigation of access control attacks. Members who take all eight courses in the series will be prepared to take the CISSP exam.

You can sign up for Mike's free study group at, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit



  • Manage users
  • What you need to know

1. Identity and Access Management

  • Identity and access management
  • Identification, authentication, and authorization

2. Identification

  • Usernames and access cards
  • Biometrics
  • Registration and identity proofing

3. Authentication

  • Authentication factors
  • Multi-factor authentication
  • Something you have
  • Password authentication protocols
  • SSO and federation
  • Kerberos and LDAP
  • SAML
  • Identity as a service (IDaaS)
  • OAuth and OpenID Connect
  • Certificate-based authentication

4. Accountability

  • Understanding accountability
  • Session management

5. Credential Management

  • Understanding account and privilege management
  • Account policies
  • Password policies
  • Manage roles
  • Account monitoring
  • Provisioning and deprovisioning

6. Authorization

  • Understanding authorization
  • Mandatory access controls
  • Discretionary access controls
  • Access control lists
  • Database access control
  • Advanced authorization concepts

7. Access Control Attacks

  • Defend against password attacks
  • Watering hole attacks
  • Social engineering attacks
  • Impersonation attacks


  • Next steps

Taught by

Mike Chapple

Related Courses


Start your review of CISSP Cert Prep: 5 Identity and Access Management

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free