Welcome to my public learning journey as I progress through the Google Cybersecurity Certificate program. Each module is documented with key insights, practical IAM applications, and study notes.
- Cybersecurity Basics: CIA Triad, Terminology
- IAM Application: Confidentiality (Access Control), Integrity (Audit Trails), Availability (Redundancy)
- Data Protection: PII vs SPII via IAM policy enforcement
- Core Cybersecurity Skills: Communication, Problem-solving, Growth Mindset, Time Management
- Frameworks: NIST, ISO 27001, SOC 2 mapping to IAM strategies
- History of Early Attacks
- Phishing Variants
- Malware Families
- Social Engineering
- Attack Categories
- Threat Actors
- CISSPโs Eight Domains
CISSPโs domains frame the entire security lifecycle. Hereโs how IAM ties in:
| Domain | IAM Integration |
|---|---|
| 1. Security & Risk Management | Identity policies drive risk modeling & compliance. |
| 2. Asset Security | Attribute-based access enforces data classification. |
| 3. Security Architecture & Engineering | Federated IdP (SAML/OIDC) and key-management integration. |
| 4. Communication & Network Security | Zero-trust network access via IAM (802.1X, VPN). |
| 5. Identity & Access Management | RBAC/ABAC, MFA, JIT admin, continuous authentication. |
| 6. Security Assessment & Testing | Automated permission reviews & policy validation. |
| 7. Security Operations | Identity-centric SIEM alerts and incident playbooks. |
| 8. Software Development Security | CI/CD pipelines with IAM checks and least-privilege accounts. |
๐ ๏ธ Tools & Resources Used: Coursera, Google Docs, ChatGPT
๐ Follow me for real-time updates and resources: