
Account Management Security Controls

Security Control: Access recertification
Description: Accounts should undergo permissions auditing and reviews to determine if they are still adhering to the principle of least privilege. Some accounts accumulate too many permissions over time—a process known as permissions creep. Recertification will help you identify unnecessary permissions so that you can modify the account to be more in line with what the user or resource actually requires.

Security Control: Usage auditing
Description: In addition to auditing permissions, you should also monitor how user accounts are being used in the organization. This can help you spot privilege escalation attacks, or simply alert you to behavior that a particular account should not be engaging in. If an account is being used at odd hours or is being used from an unknown source, for example, these factors may indicate that the account has been hijacked.

292 | CompTIA® Security+® (Exam SY0-501) | Lesson 7: Managing Identity and Access | Topic D

Security Control: Group-based access control
Description: As discussed previously, arranging users into groups alleviates some of the burden of managing separate accounts. When users are placed in groups, you can easily add or revoke permissions for multiple people, saving you time and effort. It's also easier to understand the job function that each user has in the organization if they are a member of certain groups.

Security Control: Location-based policies
Description: In order to gain more control over account usage in the organization, you may want to consider implementing policies that restrict both the physical and virtual locations from which users can gain access. Location-based restrictions may protect against remote attacks that come from malicious or unknown sources.

Security Control: Time-of-day restrictions
Description: With some exceptions, you expect most users to work during set hours each day. In order to avoid detection, attackers will use accounts during off-hours to gain access. One way to mitigate this risk is to simply restrict an account's access to only certain times of the day, when the employee is working.

Credential Management

Credential managers were created to help users and organizations more easily store and organize account user names and passwords. These applications typically store credentials in an encrypted database on the local machine. From there, an authenticated user can retrieve the proper credentials for the relevant system. This is particularly helpful for users with multiple accounts across many systems, and because credential managers may be used to automatically fill in forms with user names and passwords, they can defend against keystroke-logging malware.

However, credential managers are only as strong as the credentials they store. Simple or easily guessed passwords will provide an attacker with an easy way to access an account, no matter how securely that password is stored. Furthermore, if the credential manager encrypts the database of
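The usage auditing, location-based and time-of-day controls above can be combined into one review script. The following is an added example, not from the textbook: it reads a constructed login log, compares each login against a per-account policy of allowed hours and known source networks (policy values and log lines are made up for the example), and reports the logins an administrator should review.

```python
"""Usage auditing over a login log: flag logins outside an account's working
hours, from a source network not on its allow-list, or by an account that
has no policy on file. Policy and log lines below are constructed samples."""
from datetime import datetime
from ipaddress import ip_address, ip_network

# Per-account policy (constructed): allowed hour range [start, end) and
# the source networks the account is expected to log in from.
POLICY = {
    "jsmith": {"hours": (8, 18), "networks": ["10.0.0.0/8"]},
    "svc-backup": {"hours": (0, 24), "networks": ["10.20.0.0/16"]},
}

# Constructed sample log: one login per line, "timestamp user source_ip".
EVENTS = """\
2024-03-04T09:12:00 jsmith 10.1.4.22
2024-03-04T02:47:00 jsmith 10.1.4.22
2024-03-04T11:05:00 jsmith 203.0.113.9
2024-03-04T03:00:00 svc-backup 10.20.5.7
2024-03-04T14:30:00 unknown-user 10.1.1.1
"""


def audit(events: str, policy: dict) -> list:
    """Return (user, timestamp, reason) for every login that needs review."""
    findings = []
    for line in events.splitlines():
        ts, user, src = line.split()
        when = datetime.fromisoformat(ts)
        rule = policy.get(user)
        if rule is None:
            # An account nobody has written a policy for is itself a
            # recertification finding: who owns it and what does it need?
            findings.append((user, ts, "no policy on file"))
            continue
        start, end = rule["hours"]
        if not start <= when.hour < end:
            findings.append((user, ts, "off-hours login"))
        addr = ip_address(src)
        if not any(addr in ip_network(net) for net in rule["networks"]):
            findings.append((user, ts, "unknown source network"))
    return findings


if __name__ == "__main__":
    for user, ts, reason in audit(EVENTS, POLICY):
        print(f"{ts} {user}: {reason}")
```

Each finding is a prompt to review the account, not proof of compromise; a legitimate late shift or a new office network is corrected by updating the policy rather than by disabling the account.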
