Week Eleven - Security Guide to Network Security...

Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 10: Conducting Security Audits

Objectives
  – Define privilege audits
  – Describe how usage audits can protect security
  – List the methodologies used for monitoring to detect security-related anomalies
  – Describe the different monitoring tools

Privilege Auditing
A privilege can be considered a subject’s access level over an object
Principle of least privilege
  – Users should be given only the minimal amount of privileges necessary to perform their job functions
Privilege auditing
  – Reviewing a subject’s privileges over an object
  – Requires knowledge of privilege management, how privileges are assigned, and how to audit these security settings

Privilege Management
Privilege management
  – The process of assigning and revoking privileges to objects
Whereas the roles of owners and custodians are generally well-established
  – Where those roles fit into the organization often depends upon how the organization is structured
The responsibility for privilege management can be either centralized or decentralized

Privilege Management (continued)
In a centralized structure
  – One unit is responsible for all aspects of assigning or revoking privileges
  – All custodians are part of that unit
A decentralized organizational structure for privilege management
  – Delegates the authority for assigning or revoking privileges more closely to the geographic location or end user

Assigning Privileges
The foundation for assigning privileges
  – The existing access control model for the hardware or software being used
Recall that there are four major access control models:
  – Mandatory Access Control (MAC)
  – Discretionary Access Control (DAC)
  – Role Based Access Control (RBAC)
  – Rule Based Access Control (RBAC)

Auditing System Security Settings
Auditing system security settings for user privileges involves:
  – A regular review of user access and rights
  – Using group policies
  – Implementing storage and retention policies
User access and rights review
  – It is important to periodically review user access privileges and rights
  – Most organizations have a written policy that mandates regular reviews

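A user access and rights review can be automated as a comparison of each account's granted privileges against the baseline for its role. The sketch below is an added example, not material from the textbook or the slides; the role names, privilege names, accounts, dates and the 90-day review interval are all constructed assumptions.

```python
from datetime import date

# Constructed sample data: role baselines (role based access control)
# and the privileges currently granted to each account.
ROLE_BASELINE = {
    "helpdesk": {"reset_password", "read_tickets"},
    "dba": {"read_db", "write_db", "backup_db"},
}
ASSIGNMENTS = [
    {"user": "alice", "role": "helpdesk",
     "privileges": {"reset_password", "read_tickets", "write_db"},
     "last_review": date(2011, 1, 10)},
    {"user": "bob", "role": "dba",
     "privileges": {"read_db", "backup_db"},
     "last_review": date(2010, 6, 1)},
    {"user": "carol", "role": "intern",  # role with no baseline defined
     "privileges": {"read_tickets"},
     "last_review": date(2011, 3, 1)},
]
REVIEW_INTERVAL_DAYS = 90  # assumed value for the written review policy


def audit_privileges(assignments, baseline, today, max_age_days):
    """Return sorted (user, finding, detail) tuples for a privilege audit."""
    findings = []
    for entry in assignments:
        user, role = entry["user"], entry["role"]
        allowed = baseline.get(role)
        if allowed is None:
            # No baseline means the grant cannot be judged against least privilege.
            findings.append((user, "unknown_role", role))
        else:
            # Anything granted beyond the role baseline violates least privilege.
            excess = entry["privileges"] - allowed
            if excess:
                findings.append((user, "excess_privilege", ",".join(sorted(excess))))
        # Flag accounts whose last review is older than the policy allows.
        age = (today - entry["last_review"]).days
        if age > max_age_days:
            findings.append((user, "review_overdue", f"{age} days"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_privileges(ASSIGNMENTS, ROLE_BASELINE,
                                    date(2011, 4, 5), REVIEW_INTERVAL_DAYS):
        print(*finding, sep="\t")
```
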
Auditing System Security Settings (continued)
Group Policies
  – Instead of setting the same configuration baseline on each computer, a security template can be created
Security template
  – A method to configure a suite of baseline security

This note was uploaded on 04/05/2011 for the course CINT 251 taught by Professor Endris during the Spring '11 term at Ivy Tech Community College.
