Join Mike Chapple for an in-depth discussion in this video Subject and object model, part of CySA+ Cert Prep: 5 Identity and Access Management.
- [Instructor] When security professionals discuss…access control systems, we use some language…that might be a little confusing to the newcomer.…Let's talk a little bit about the language that we use…to discuss authorization, the subject/object model.…In an access request, the subject is the person,…device or application that is requesting access…to a resource.…We usually think of subjects as users,…such as when a user requests access to a file stored…on a server or attempts to log in to a web-based system.…
But users aren't the only type of subject.…Devices may also be the subject…of an access control request.…For example, a digital sign in an office lobby…might need to access the wireless network…and might be authorized that access as a device.…Applications may also be subjects.…For example, an inventory tracking system may need…to access information stored in a database.…In that case, the inventory tracking application…is making a request so the application…is the subject of the request.…
The object of an access control request is the resource…
We are now a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Provisioning and deprovisioning
- Identity security issues
- Using biometric measures as identification mechanisms
- Multifactor authentication
- Password authentication protocols
- How LDAP and Kerberos work together
- Identity as a Service (IDaaS)
- Mandatory and discretionary access controls
- Defending against password attacks
- Social engineering attacks
Skill Level Intermediate
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Intermediate
IT Security: Key Policies and Resourceswith Gregory Michaelidis23m 44s Intermediate
Implementing an Information Security Programwith Kip Boyle2h 31m Intermediate
1. Identity and Access Management
5. Access Control Exploits
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.