What is Identity and Access Management (IAM)?
D1 ยท General ยท CompTIA Security+ SY0-701IAM (Identity and Access Management) is the framework of policies, processes, and technologies that ensures the right users have the right access to the right resources at the right time.
Core IAM functions: identification (who are you?), authentication (prove it), authorization (what can you do?), accounting (what did you do?).
Key IAM concepts: SSO (single sign-on), MFA, RBAC/ABAC, PAM (privileged access management), directory services (Active Directory, LDAP).
Core IAM functions: identification (who are you?), authentication (prove it), authorization (what can you do?), accounting (what did you do?).
Key IAM concepts: SSO (single sign-on), MFA, RBAC/ABAC, PAM (privileged access management), directory services (Active Directory, LDAP).
IAM is the "who and what" of security. On the exam, IAM questions often involve least privilege, separation of duties, or managing user lifecycle (provisioning/deprovisioning).