Identity & Access Management
Quản lý Danh tính & Truy cập
Domain 5 covers every aspect of proving and controlling who can access what. Master authentication factors, access control models, SSO protocols, and the identity lifecycle.
13%
Exam Weight
Domain Progress
0 / 5 lessons complete
5 Lessons
Authentication Factors & MFA
Nhân tố Xác thực & Đa yếu tố
The 4 A's, three factor types, biometric accuracy (FAR/FRR/CER), NIST 800-63B password guidance, and what makes true MFA. Partner E MPIN + biometric deep dive.
SSO, Federation & Identity Protocols
Đăng nhập Một lần & Giao thức Danh tính
Kerberos, SAML 2.0, OAuth 2.0 vs OIDC, JWT structure and security risks. Platform C per-lender JWT security checklist with RSA asymmetric signing.
Access Control Models (DAC, MAC, RBAC, ABAC)
Mô hình Kiểm soát Truy cập
Discretionary, Mandatory, Role-Based, and Attribute-Based access control. Privilege creep, access recertification, and how Platform C uses both RBAC and ABAC.
Privileged Access Management
Quản lý Truy cập Đặc quyền
PAM controls: JIT access, PAW, session recording, Vault-managed credentials, break-glass accounts. HashiCorp Vault implementation at FinTech Company X.
Identity Lifecycle (JML) & Directory Services
Vòng đời Danh tính (JML) & Dịch vụ Thư mục
Joiners, Movers, Leavers — why leaver timing is critical. LDAP, Active Directory, RADIUS vs TACACS+. TS engineer offboarding 2-hour target checklist.