Controlling access to IoT resources Course

In this course, you will explore identifying relevant strategies and implementing security features to control access to IoT resources.

1 hour, 2 minutes

Course description

The IoT security practitioner should aim to ensure that the confidentiality, integrity and availability of IoT resources are maintained. These goals are largely achieved through the three related concepts of authentication, authorization and accounting (AAA).


Implement security monitoring on IoT systems

Video - 00:11:00

For the IoT security practitioner, it is essential to understand what events are occurring within the systems you are responsible for. Being able to see when users log in to devices or services and when they fail a login are important to security practitioners. Effective security logging and monitoring will enable you to know immediately when there are cybersecurity events that require your attention, and to quickly understand what is happening in your IoT systems.
Implement secure authorization

Video - 00:11:00

Once attackers have gained network access to a host (such as a client computer or server, web application, and so forth), the next step they will perform is to gain the right to perform tasks on the host. Secure authorization features should prevent an attacker from doing this.
Implement secure authentication

Video - 00:31:00

Before the system can control and track who is accessing IoT resources, it must first establish the identity of users. This is accomplished through authentication.
Identify the need to protect IoT resources

Video - 00:09:00

An important step in risk management is to assess the potential consequences should they become reality. This will help you determine where you should place your priorities and the effort you should expend to mitigate or avoid the risks. In many ways, IoT "ups the stakes" for cyberattackers, and strong authentication, authorization and accounting are essential to a strong defense.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust