Effective identity and access management involves managing the entire user lifecycle, not just authentication. In this topic, you will explore the key processes that underpin IAM, from onboarding and provisioning to password recovery and deactivation. We will examine how these processes differ across cloud and on-premises environments, and discuss the limitations, compromises, and security trade-offs that come with each. You will also learn to configure selected IAM processes and adapt them to meet your organization's needs. By the end of this topic, you will have a clear understanding of how IAM processes support secure access at every stage of the user journey and how to implement them effectively in real-world environments.

With cloud services, multiple platforms, and growing user demands, seamless and secure access is essential. This topic explores identity federation, which links a user’s digital identity across systems and organizations for smoother, more secure authentication. You will learn how identity federation is implemented in both cloud and on-prem environments, and how it enables features like Single Sign-On (SSO) and Single Logout (SLO). We will also look at the growing use of social login and how federated identities simplify user access while maintaining security. By the end of this topic, you will understand how to evaluate and implement identity federation in real-world IAM systems, and how to choose the right approach for your organizational needs.

With advancing cyber threats, relying on a single password is no longer enough. This topic introduces two-factor (2FA) and multi-factor authentication (MFA), key strategies for strengthening identity verification and reducing unauthorized access. You will explore the differences between 2FA, MFA, and multilayered authentication, and understand how methods like memorized secrets, generated codes, out-of-band verification, and biometric authentication contribute to secure access. We will also critically evaluate the strengths and limitations of each approach. By the end of this topic, you will be equipped to implement second factor authentication into an IAM flow and make informed decisions about which factors to apply in different security contexts.

Even the most advanced authentication systems are not immune to risk. In this topic, we examine the threat landscape surrounding identity and access management, diving into the vulnerabilities and attack vectors that continue to challenge even well-designed security frameworks. You’ll explore real-world examples of compromised authentication systems, learn how attackers exploit weak points, and uncover lessons from past failures. We’ll also assess the risks and threats specific to various authentication methods, giving you the insight needed to critically evaluate and strengthen IAM implementations.By the end of this topic, you’ll not only understand the risks, you’ll gain practical experience in defending against a selected attack vector, equipping you with the knowledge to build more secure authentication environments.

With evolving cyber threats, our approach to authentication must adapt. Traditional passwords are increasingly vulnerable and difficult to manage for users and IT teams. In this topic, we explore passwordless authentication, a security model that replaces static passwords with cryptographic methods and modern protocols. You will learn how passwordless authentication fits into IAM flows, examine technologies like FIDO2 and WebAuthn, and consider if these approaches can truly replace passwords. We will also look back at earlier methods such as smartcards and PIV to understand how the concept has evolved. By the end of this module, you will understand how to design and implement passwordless solutions that enhance security and user experience.