Revised and updated with the latest data from this fast paced field, Access Control, Authentication, and Public Key Infrastructure defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs.
See how privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization. Cyber attacks continue to increase in volume and sophistication. It is not a matter of if, but when, your organization will be breached. Threat actors target the path of least resistance: users and their privileges. In decades past, an entire enterprise might be sufficiently managed through just a handful of credentials. Today’s environmental complexity has seen an explosion of privileged credentials for many different account types such as domain and local administrators, operating systems (Windows, Unix, Linux, macOS, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and so many more. When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats. We are experiencing an expanding universe of privileged accounts almost everywhere. There is no one solution or strategy to provide the protection you need against all vectors and stages of an attack. And while some new and innovative products will help protect against or detect against a privilege attack, they are not guaranteed to stop 100% of malicious activity. The volume and frequency of privilege-based attacks continues to increase and test the limits of existing security controls and solution implementations. Privileged Attack Vectors details the risks associated with poor privilege management, the techniques that threat actors leverage, and the defensive measures that organizations should adopt to protect against an incident, protect against lateral movement, and improve the ability to detect malicious activity due to the inappropriate usage of privileged credentials. This revised and expanded second edition covers new attack vectors, has updated definitions for privileged access management (PAM), new strategies for defense, tested empirical steps for a successful implementation, and includes new disciplines for least privilege endpoint management and privileged remote access. What You Will Learn Know how identities, accounts, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack Implement defensive and monitoring strategies to mitigate privilege threats and risk Understand a 10-step universal privilege management implementation plan to guide you through a successful privilege access management journeyDevelop a comprehensive model for documenting risk, compliance, and reporting based on privilege session activity Who This Book Is For Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems
Know how to design and use identity management to protect your application and the data it manages. At a time when security breaches result in increasingly onerous penalties, it is paramount that application developers and owners understand identity management and the value it provides when building applications. This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided. Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more. What You’ll Learn Understand key identity management concepts Incorporate essential design principles Design authentication and access control for a modern application Know the identity management frameworks and protocols used today (OIDC/ OAuth 2.0, SAML 2.0) Review historical failures and know how to avoid them Who This Book Is For Developers, enterprise or application architects, business application or product owners, and anyone involved in an application's identity management solution
Some corporations are beginning to rethink how they provide security, so that interactions with customers, employees, partners, and suppliers will be richer and more flexible. This book explains how to go about it. It details an important concept known as "identity management architecture" (IMA): a method to provide ample protection.
This is Cisco's official, comprehensive self-study resource for Cisco's SISE 300-715 exam (Implementing and Configuring Cisco Identity Services Engine), one of the most popular concentration exams required for the Cisco Certified Network Professional (CCNP) Security certification. It will thoroughly prepare network professionals to deploy and use Cisco ISE to simplify delivery of consistent, highly secure access control across wired, wireless, and VPN connections. Designed for all CCNP Security candidates, CCNP Security Identity Management SISE 300-715 Official Cert Guide covers every SISE #300-715 objective concisely and logically, with extensive teaching features designed to promote retention and understanding. You'll find: Pre-chapter quizzes to assess knowledge upfront and focus your study more efficiently Foundation topics sections that explain concepts and configurations, and link theory to practice Key topics sections calling attention to every figure, table, and list you must know Exam Preparation sections with additional chapter review features Final preparation chapter providing tools and a complete final study plan A customizable practice test library CCNP Security Identity Management SISE 300-715 Official Cert Guide offers comprehensive, up-to-date coverage of all SISE #300-715 Cisco Identity Services Engine topics related to: Architecture and deployment Policy enforcement Web Auth and guest services Profiler BYOD Endpoint compliance Network access device administration
Plan, design, and implement identity and access management solutions with Okta Key FeaturesLearn how to use Okta for complete identity and access management in your organizationUse single sign-on, multifactor authentication, and life cycle management for enhanced securitySet up, manage, and audit API access policiesBook Description IAM, short for identity and access management, is a set of policies and technologies for ensuring the security of an organization through careful role and access assignment for users and devices. With this book, you'll get up and running with Okta, an identity and access management (IAM) service that you can use for both employees and customers. Once you've understood how Okta can be used as an IAM platform, you'll learn about the Universal Directory, which covers how to integrate other directories and applications and set up groups and policies. As you make progress, the book explores Okta's single sign-on (SSO) feature and multifactor authentication (MFA) solutions. Finally, you will delve into API access management and discover how you can leverage Advanced Server Access for your cloud servers and Okta Access Gateway for your on-premises applications. By the end of this Okta book, you'll have learned how to implement Okta to enhance your organization's security and be able to use this book as a reference guide for the Okta certification exam. What you will learnUnderstand different types of users in Okta and how to place them in groupsSet up SSO and MFA rules to secure your IT environmentGet to grips with the basics of end-user functionality and customizationFind out how provisioning and synchronization with applications workExplore API management, Access Gateway, and Advanced Server AccessBecome well-versed in the terminology used by IAM professionalsWho this book is for If you are an IT consultant, business decision-maker, system administrator, system and security engineer, or anyone who wishes to use Okta to plan, design, and implement identity and access management solutions, this book is for you. A basic understanding of authentication and authorization is necessary.
Virtual, hands-on learning labs allow you to apply your technical skills in realistic environments. So Sybex has bundled AWS labs from XtremeLabs with our popular AWS Certified Solutions Architect Study Guide to give you the same experience working in these labs as you prepare for the Certified Solutions Architect Exam that you would face in a real-life application. These labs in addition to the book are a proven way to prepare for the certification and for work as an AWS Solutions Architect. The AWS Certified Solutions Architect Study Guide: Associate (SAA-C01) Exam is your complete and fully updated resource to the AWS Solutions Architect - Associate certification. This invaluable Sybex study guide covers all relevant aspects of the AWS Solutions Architect job role, including mapping multi-tier architectures to AWS services, loose coupling and stateless systems, applying AWS security features, deploying and managing services, designing large scale distributed systems, and many more. Written by two AWS subject-matter experts, this self-study guide and reference provides all the tools and information necessary to master the exam, earn your certification, and gain insights into the job of an AWS Solutions Architect. Efficient and logical presentation of exam objectives allows for flexible study of topics, and powerful learning tools increase comprehension and retention of key exam elements. Practice questions, chapter reviews, and detailed examination of essential concepts fully prepare you for the AWS Solutions Architect – Associate certification. The certification is highly valued in IT and cloud computing professionals. Now in a new edition—reflecting the latest changes, additions, and updates to the AWS Solutions Architect – Associate certification exam guide—this book is your complete, one-stop resource: Learn all the components of the AWS exam and know what to expect on exam day Review challenging exam topics and focus on the areas that need improvement Expand your AWS skillset and keep pace with current cloud computing technologies Readers will also have one year of free access to the Sybex interactive online learning environment and test bank, providing a suite of robust study tools including an assessment test, chapter tests, bonus practice exam, electronic flashcards, and a glossary of key terms. The AWS Certified Solutions Architect Study Guide: Associate (SAA-C01) Exam enables you to validate your skills, increase your competitive advantage, and take the next step on your career path. Comprehensive and up-to-date content and superior study tools make this guide a must-have resource for those seeking AWS Solutions Architect – Associate certification. And with this edition you also get XtremeLabs virtual labs that run from your browser. The registration code is included with the book and gives you 6 months unlimited access to XtremeLabs AWS Certified Solutions Architect Labs with 10 unique lab modules based on the book.
Master the intricacies of Amazon Web Services and efficiently prepare for the SAA-C02 Exam with this comprehensive study guide AWS Certified Solutions Study Guide: Associate (SAA-C02) Exam, Third Edition comprehensively and efficiently prepares you for the SAA-C02 Exam. The study guide contains robust and effective study tools that will help you succeed on the exam. The guide grants you access to the regularly updated Sybex online learning environment and test bank, which contains hundreds of test questions, bonus practice exams, electronic flashcards, and a glossary of key terms. In this study guide, accomplished and experienced authors Ben Piper and David Clinton show you how to: Design resilient architectures Create high-performing architectures Craft secure applications and architectures Design cost-optimized architectures Perfect for anyone who hopes to begin a new career as an Amazon Web Services cloud professional, the study guide also belongs on the bookshelf of any existing AWS professional who wants to brush up on the fundamentals of their profession.
Cloud computing adoption has revolutionized how businesses and individuals harness the power of technology. The cloud's scalability, accessibility, and cost-efficiency have propelled it to the forefront of modern computing paradigms. However, as organizations increasingly rely on cloud services to store, process, and manage their data and applications, an intricate web of challenges has emerged, casting shadows over the very foundations of cloud computing. Improving Security, Privacy, and Trust in Cloud Computing unravels the complexities surrounding the cloud landscape, delving into the core concerns of security, privacy, and trust that have come to define its evolution. It aims to equip readers with the insights, knowledge, and practical strategies needed to navigate the intricate realm of cloud computing while safeguarding their most valuable assets. This book's exploration into security, privacy, and trust in cloud computing takes a holistic approach. Throughout the chapters of this book, readers will embark on a multidimensional expedition. This book will take them through real-world case studies of successful cloud security implementations and unfortunate breaches that underscore the urgency of robust defenses. From data encryption techniques to incident response protocols, this book offers practical insights and actionable strategies that can be implemented by IT professionals, security experts, and decision-makers alike.
International Banking and Finance Law Series, Volume 37 Despite open banking’s broad emergence in a variety of jurisdictions and the ambition shared for the benefits it is to deliver, there is a distinct lack of detailed analysis of the legal features which are needed for it to be effectively established. This indispensable study is the first to analyse open banking’s legal foundations by reference to banking law rather than to privacy law or competition law. With a detailed focus on the mature open banking systems of Australia and the United Kingdom, including Australia’s Consumer Data Right, the book’s thoroughgoing legal perspective provides a comprehensive framework which can be used to evaluate and design open banking in any jurisdiction. The presentation proceeds through a comparison of the legal rights, responsibilities, and relationships under open banking systems with equivalent rights in traditional banking payment systems. This process clearly reveals and addresses such salient open banking and data-sharing issues as the following: what data should be shareable and who should be required to share data; how data should be shared and how rights to share data should be established; the role of data minimisation and the role of consent; how laws, standards, rules, and technology interact in an open banking system; how open banking fosters competition, innovation, and financial inclusion; how consumer protection can be included by design; management of quality and security of shared data; facilitation and regulation of participation; legal relationships and allocation of liability among participants; compensation for customers if something goes wrong; strategic challenges and opportunities; enforceability and insolvency; systemic efficacy and safety; and the role of trust. Also included is an assessment framework designed to categorise the risks which arise in open banking and other data-sharing systems. As a systematic appraisal of how banking law can be used to ensure the customer autonomy, data portability, recipient accountability and participant connectivity promised by open banking systems, the book’s legal perspective on the value of customer data will prove of inestimable value for lawyers in banking and finance, as well as for professionals in financial services or information technology.