Domain 5: Identity and Access Management

CISSP · this domain is approximately 13.0% of the exam · 0 practice questions.

Identity and Access Management (IAM) addresses how organizations control who and what can access systems, data, and physical resources, covering authentication, authorization, and accountability. The CISSP exam tests concepts such as identification and authentication factors, single sign-on, federated identity, access control models (DAC, MAC, RBAC, ABAC), and privileged access management. Effective IAM is a cornerstone of information security because weaknesses in identity verification and access control are among the most commonly exploited vulnerabilities in enterprise environments.

Practice questions from this domain

The full CISSP bank includes 553 questions across every domain, each with a verified answer and a written explanation.