Chapter 14

               Controlling and Monitoring Access


               THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER

               INCLUDE:

                      Domain 5: Identity and Access Management ( IAM )

                        5.4 Implement and manage authorization mechanisms

                             5.4.1 Role Based Access Control (RBAC)

                             5.4.2 Rule-based access control

                             5.4.3 Mandatory Access Control (MAC)

                             5.4.4 Discretionary Access Control (DAC)

                             5.4.5 Attribute Based Access Control (ABAC)














                                       Chapter 13, “Managing Identity and Authentication,”
               presented several important topics related to the Identity and Access
               Management (IAM) domain for the CISSP certification exam. This
               chapter builds on those topics and includes key information on some
               common access control models. It also includes information on how to
               prevent or mitigate access control attacks. Be sure to read and study

               the materials from each of these chapters to ensure complete coverage
               of the essential material for this domain.