Two major account administration issues face security professionals. The first is inaccurate permissions assigned to accounts that either prevent a user from doing his or her work or violate the principle of least privilege. The second is the unauthorized use of those permissions. In this video, learn the use of user access reviews and continuous account monitoring techniques.
- [Instructor] Security administrators must pay…careful attention to the permissions and use…of end user accounts to protect against security incidents.…Two major account administration issues…face security professionals.…The first is inaccurate permissions assigned to accounts…that either prevent a user from doing his or her work…or violate the principle of least privilege.…These permissions are often the result of privilege creep,…a condition that occurs when users switch jobs…and gain new permissions but never have…their old permissions revoked.…
The second issue is the unauthorized use of permissions…either by someone other than the legitimate user…accessing the account or by the user…performing some illegitimate action.…To protect against the first issue,…administrators should perform…regular user access reviews in cooperation…with managers from around the organization.…During each review, administrators should pull a listing…of all of the permissions assigned to each account…and then review that listing with managers…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A complete learning path will be available once all the courses are released.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.