As security professionals, one of the most important things that we do is ensure that only authorized individuals gain access to information, systems, and networks under our protection. The three major steps of the access management process are identification, authentication, and authorization. In this video, learn how security professionals apply these three principles.
- [Narrator] As security professionals,…one of the most important things that we do…is ensure that only authorized individuals…gain access to the information, systems…and networks under our protection.…The access control process consists of three steps,…identification, authentication and authorization.…During the first step of the process, identification…an individual makes a claim about his or her identity.…The person trying to gain access doesn't present…any proof at this point, they simply make an assertion.…
It's important to remember that the identification step…is only a claim and the user could certainly be…making a false claim.…Imagine a physical world scenario where you want to…enter a secure office building where you have…an appointment.…During the identification step of the process,…you might walk up to the security desk and say hi,…I'm Mike Chaffel.…Proof comes into play during the second step…of the process, authentication.…During the authentication step, the individual proves…his or her identity to the satisfaction…
To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- Identity and access management
- Using access cards and biometrics
- Multifactor authentication
- Password authentication protocols
- Device authentication
- Identity management life cycle
- Access control lists
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover subject/object model. In addition, the following topics were updated: registration and identity proofing, SSO and federation, and advanced authorization concepts.