Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)


5.10  Summary
(Page 4 of 5)

Privilege Management



You also explored facets of privilege management, which controls how privileges are assigned, managed and enforced on your network. One area you looked at was user/group/role management, in which you are concerned with grouping user accounts into collections in order to make it easier to manage privileges granted to each; many times, users are grouped by role (job assignment, such as HR clerk, Comptroller, A/R data entry clerk, etc.). You also learned about single sign-on, a technical feature that enables a user to authenticate themselves to the network only once, and as long as that session is open, authorization for access to any related system or application is performed based on the original credentials that have already been provided. Privilege management may occur in a centralized (the data center handles all of it) or decentralized (responsibility is delegated) manner. Auditing is used to track user activities and verify proper security policies and procedures are in place and being followed; a user ID is a useful unique identifier for auditing. You revisited MAC/DAC/RBAC access control models.

You then explored computer forensics, the application of investigation and analysis techniques which comply with a legal system. When performing computer forensics, be careful not to interfere with the chain of custody, which is the record of who had possession of each piece of evidence, for how long and under what security conditions (important because lack of chain of custody proof can result in evidence being declared inadmissible). Also, take care to ensure the preservation of evidence (do not alter evidence in any way, as tampering could also render it inadmissible). Lastly, you looked at guidelines for evidence collection, which specify types of evidence to gather such as logs, lists of running processes and logged-on users, pictures of the scene, etc.

Risk Identification

Next, you learned about Risk Identification. Before analyzing risk, you need to know what assets you have to lose (including both physical assets like expensive servers and intangible assets like company reputation). Risk assessment involves discovering the potential losses due to risks, so the organization can take steps to ensure they are adequately protected. You need to be aware of threats (combination of capability, opportunity and intent to do harm) and vulnerabilities (weaknesses in computer hardware/software which can be taken advantage of) when computing risk, as explained in the following formula:

Risk = vulnerabilities × threats × costs

When determining risk, you look at the cost of a particular event, and the probability of it occurring, to determine risk faced



CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.