CompTIA® Security+ Exam Notes : Differentiate Common Account Management Practices

4. Identity and Access Management

4.4 Given a scenario, differentiate common account management practices

Audits: Three important types of audits are:

a. Privilege audit

b. Usage audit

c. Escalation audit

d. Administrative audit

Privilege audits: Privilege audits verify that accounts, groups, and roles are correctly assigned and that policies are being followed. A privilege audit may include complete review of all accounts and groups to ensure that they're correctly implemented. Privilege auditing is used to verify that users are granted proper privileges. It can be applied for large corporations. Of course, it cannot determine the intentions of people using the privileges.

Usage auditing: Usage auditing verifies that systems and software are used appropriately and consistently with organizational policies. A usage audit may include physically inspecting systems and software, and conducting other verification tests as per the polic

Escalation audits: Escalation audits is primarily focused around the issue of gaining access to higher-ups through the hierarchy in a time of crisis. These types of audits ensure that the management is ready for intervention in case of any disaster.

Administrative audits: It is important to document the procedures undertaken during the information processing and who is involved in this process. The individuals involved in the policy implementations and their responsibilities are documented.

Password Complexity: Ideally, a password should have uppercase, lowercase letters combined with numbers and symbols.

Ex: Us%25enL is a recommended password, ensuring highest safety.

Onboading/offboarding: The terms onboading/offboarding are also extensively used with new employee hiring and employee exit procedures. The addition of a employee to an organization's Identity and Access Management (IAM) system in a new role is known as onboarding. Conversely, offboarding refers to the IAM processes surrounding the removal of an identity for an employee who has left the network. In identity management, onboarding policy is the procedure that an employee has to follow when he connects his laptop or mobile device to a network Offboarding is the policy that an employee has to follow when he disconnect his mobile device to the Company's network.

Time-of-day restrictions: Limitations imposed as to when a user can log on to a system. If these are broken, it may require further investigation. It is an access control concept that limits a user account to be able to log into a system or network only during specific hours and days of the week. Note that off boarding deals with procedures after resignation and not before.

Permission auditing and review: An audit that analyzes user privileges. It identifies the privileges (rights and permissions) granted to users, and compares them against what the users need.

Group policy: Group policy is the mechanism by which Windows systems can be managed in a Windows network domain environment. A Group Policy Object (GPO) is a collection of registry settings that can be applied to a system at the time of boot-up or at the moment of user login. Group policy enables windows administrator to maintain consistent configurations and security settings across all members of a large network.

Previous   Contents   Next


Security+ Cram Notes Contents
certexams ad

simulationexams ad