Controlling Access to IoT Resources

In this course, you will explore identifying relevant strategies and implementing security features to control access to IoT resources.

4 videos  //  62 minutes of training

Course description

The IoT security practitioner should aim to ensure that the confidentiality, integrity and availability of IoT resources are maintained. These goals are largely achieved through the three related concepts of authentication, authorization and accounting (AAA).

Course syllabus

Identify the Need to Protect IoT ResourcesDuration: 8:37

An important step in risk management is to assess the potential consequences should they become reality. This will help you determine where you should place your priorities and the effort you should expend to mitigate or avoid the risks. In many ways, IoT "ups the stakes" for cyberattackers, and strong authentication, authorization and accounting are essential to a strong defense.

Implement Secure AuthenticationDuration: 31:10

Before the system can control and track who is accessing IoT resources, it must first establish the identity of users. This is accomplished through authentication.

Implement Secure AuthorizationDuration: 10:33

Once attackers have gained network access to a host (such as a client computer or server, web application, and so forth), the next step they will perform is to gain the right to perform tasks on the host. Secure authorization features should prevent an attacker from doing this.

Implement Security Monitoring on IoT SystemsDuration: 11:24

For the IoT security practitioner, it is essential to understand what events are occurring within the systems you are responsible for. Being able to see when users log in to devices or services and when they fail a login are important to security practitioners. Effective security logging and monitoring will enable you to know immediately when there are cybersecurity events that require your attention, and to quickly understand what is happening in your IoT systems.

Meet the author

Infosec

LinkedIn

Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home.

Plans & pricing

Infosec Skills Personal

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training that you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers

Infosec