Review of the major Access Management concepts and terms, and how they interrelate, to help you review, guide your studies, and help you pass the CISSP exam.

This MindMap review covers:
0:00 Introduction
0:27 Access Controls
1:14 Access Control Principle
1:19 Separation of Duties
1:27 Need to Know
1:35 Least Privilege
1:50 Administration Approaches
2:00 Centralized Approach
2:08 Decentralized Approach
2:16 Hybrid Approach
2:22 Access Control Services
2:37 Identification
2:44 Authentication
2:56 Authentication by Knowledge
3:10 Authentication by Ownership
3:40 Hard Tokens
3:49 Soft Tokens
4:03 Synchronous Tokens
4:16 Asynchronous Tokens
4:38 Authentication by Smart / Memory Cards
4:57 Authentication by Characteristics
5:11 Physiology Characteristics
6:08 Behavioral Characteristics
6:40 Challenging Aspect of Biometric System
7:19 Crossover Error Rate
7:49 Single / Multi-Factor Authentication
8:02 Authenticator Assurance Levels (AAL)
8:20 Authorization
8:34 Discretionary Access
8:54 Rule-based Discretionary Access
9:06 Role-based Discretionary Access
9:13 Attribute / Content-based Discretionary Access
9:31 Non-discretionary Access
9:48 Mandatory Access
10:05 Accountability Access
10:31 Session Management
10:50 Outro


Other MindMaps:

Domain 1
Security & Risk Management: https://youtu.be/geGALIfOxtI

Domain 2
Asset Classification: https://youtu.be/aN9zkmzYTmQ
Privacy: https://youtu.be/lrI4QIa8S2I

Domain 3
Models and Frameworks: https://youtu.be/qZB6_lp9M30
Evaluation Criteria: https://youtu.be/WqHmDL7YAvw
Trusted Computing Base: https://youtu.be/fwU7n_3h058
Vulnerabilities in Systems: https://youtu.be/fPUypU7ysMw
Cloud: https://youtu.be/-rWQ7YuxiLY
Cryptography: https://youtu.be/LLRaa0kOMDM
Digital Certificates, Digital Signatures & PKI: https://youtu.be/8XKdFSG3ua4
Cryptanalysis: https://youtu.be/pnITDgs63M4
Physical Security: https://youtu.be/7ESQwNJ9HXU

Domain 5
Access Control Overview: https://youtu.be/BUcoABZzeQ4
Single Sing-on & Federated Access: https://youtu.be/_U4QMIxVk8M

Domain 6
Security Assessment and Testing Overview: https://youtu.be/eDVZvw5NziA
Vulnerability Assessment and Penetration Testing: https://youtu.be/vZ0S8GdWiIk
Logging & Monitoring: https://youtu.be/cwcARccyWyY

Domain 7
Investigations: https://youtu.be/Urev5cZgny8
Incident Response: https://youtu.be/PwxFwndQ7Jk
Malware: https://youtu.be/SVbrRozyIpo
Patching & Change Management: https://youtu.be/xX4U6Lz82Bk
Recovery Strategies: https://youtu.be/DrrfrJBnx28
Business Continuity Management (BCM): https://youtu.be/oAjNL3I_3-E

Domain 8
Secure Software Development: https://youtu.be/fS5WWjuyFmQ
Databases: https://youtu.be/-70DBd6cNDw

CISSP Master Instructor, John Berti: https://www.linkedin.com/in/jberti/
Visuals, narration and CISSP Master Instructor, Rob Witcher: https://www.linkedin.com/in/robwitcher/
Video editing by Nick: [email protected]