Two major account administration issues face security professionals. The first is inaccurate permissions assigned to accounts that either prevent a user from doing his or her work or violate the principle of least privilege. The second is the unauthorized use of those permissions, either by someone other than the legitimate user accessing the account or by the user performing some illegitimate action. In this video, learn the use of user access reviews and continuous account monitoring techniques.
- [Narrator] Security administrators must pay careful…attention to the permissions and use of end user accounts…to protect against security incidents.…Two major account administration issues…face security professionals.…The first is inaccurate permissions assigned to accounts…that either prevent a user from doing his or her work…or violate the principle of least privilege.…These permissions are often the result of privilege creep,…a condition that occurs when users switch jobs…and gain new permissions but never have…their old permissions revoked.…
The second issue is the unauthorized use of permissions…either by someone other than the legitimate user…accessing the account or by the user performing…some illegitimate action.…To protect against the first issue, administrators should…perform regular user access reviews…in cooperation with managers from around the organization.…During each review administrators should pull a listing…of all of the permissions assigned to each account…and then review that listing with managers…
Author
Mike Chapple
Released
12/4/2017To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- Identity and access management
- Using access cards and biometrics
- Multifactor authentication
- Password authentication protocols
- Device authentication
- Identity management life cycle
- Authorization
- Access control lists
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 26s
-
-
1. Identity and Access Management
-
Access control3m 13s
-
-
2. Identification
-
Usernames and access cards3m 27s
-
Biometrics2m 35s
-
-
3. Authentication
-
Authentication factors3m 30s
-
Multifactor authentication2m 33s
-
Something you have3m 15s
-
SSO and federation2m 38s
-
Kerberos and LDAP5m 13s
-
Device authentication6m 24s
-
-
4. Identity Management Lifecycle
-
Account policies3m 35s
-
Password policies4m 50s
-
Manage roles3m 56s
-
Account monitoring2m 14s
-
5. Authorization
-
Understand authorization4m 8s
-
Mandatory access controls3m 47s
-
Access control lists5m 14s
-
-
Conclusion
-
What's next?37s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Account monitoring