This chapter covers foundational concepts in the access and accountability layers of the Identity and Access Management(IAM) domain.
A candidate appearing for the CISSP exam is expected to understand the foundational concepts and have knowledge of the following key areas of the identity and access management domain:
Observe the following illustration. Access management is facilitated through authentication and authorization processes. Each of these processes consists of various concepts and techniques. From an information security perspective, there are process-centric threats, vulnerabilities attacks, and counter measures that need to be understood:
In this module, you will understand the following: