From the course: CISSP Cert Prep (2021): 5 Identity and Access Management


Understand authorization

- [Instructor] Authorization is the final step in granting a user access to a resource. Once an individual successfully authenticates to a system, authorization determines the privileges that the individual has to access resources and information on that system. There are many different authorization approaches, and we'll discuss those in this course. First, let's talk about two general principles of authorization that lead to strong security. The first of these is the principle of least privilege. This principle states that an individual should only have the minimum set of permissions necessary to accomplish their job duties. Least privilege is important for two reasons. First, least privilege minimizes the potential damage from an insider attack. If an employee turns malicious, the damage they can cause will be limited by the privileges assigned to them by job role. It's unlikely, for example, that an accountant would…
