From the course: CompTIA CySA+ (CS0-002) Cert Prep: 3 Identity and Access Management
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Authorization and privilege management
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 3 Identity and Access Management
Authorization and privilege management
- [Narrator] Authorization is the final step in the access control process. Once an individual successfully authenticates to a system, authorization determines the privileges that individual has to access resources and information. There are many different authorization approaches, and we'll discuss those in this course. First, let's talk about two general principles of authorization that lead to strong security. First, the Principle of Least Privilege. This principle states than an individual should have only the minimum set of permissions necessary to accomplish his or her job duties. Least Privilege is important for two reasons. First, Least Privilege minimizes the potential damage from an insider attack. If an employee turns malicious, the damage they can cause will be limited by the privileges assigned to them by a job role. It's unlikely, for example, that an accountant would be able to deface the company website…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.