(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. Mike Chapple


Read online: (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide - Mike Chapple, page 30


Objective | Chapter
5.4.2 Rule based access control | 14
5.4.3 Mandatory Access Control (MAC) | 14
5.4.4 Discretionary Access Control (DAC) | 14
5.4.5 Attribute Based Access Control (ABAC) | 14
5.4.6 Risk based access control | 14
5.5 Manage the identity and access provisioning lifecycle | 13, 14
5.5.1 Account access review (e.g., user, system, service) | 13
5.5.2 Provisioning and deprovisioning (e.g., on/off boarding and transfers) | 13
5.5.3 Role definition (e.g., people assigned to new roles) | 13
5.5.4 Privilege escalation (e.g., managed service accounts, use of sudo, minimizing its use) | 14
5.6 Implement authentication systems | 14
5.6.1 OpenID Connect (OIDC)/Open Authorization (Oauth) | 14
5.6.2 Security Assertion Markup Language (SAML) | 14
5.6.3 Kerberos | 14
5.6.4 Remote Authentication Dial-In User Service (RADIUS)/Terminal Access Controller Access Control System Plus (TACACS+) | 14

Domain 6 Security Assessment and Testing
6.1 Design and validate assessment, test, and audit strategies | 15
6.1.1 Internal | 15
6.1.2 External | 15
6.1.3 Third-party | 15
6.2 Conduct security control testing | 15
6.2.1 Vulnerability assessment | 15
6.2.2 Penetration testing | 15
6.2.3 Log reviews | 15
6.2.4 Synthetic transactions | 15
6.2.5 Code review and testing | 15
6.2.6 Misuse case testing | 15
6.2.7 Test coverage analysis | 15
6.2.8 Interface testing | 15
6.2.9 Breach attack simulations | 15
6.2.10 Compliance checks | 15
6.3 Collect security process data (e.g., technical and administrative)
