Managing Accounts Flashcards
What type of control is least privilege?
Technical control
How is least privilege different from need to know?
Need to know is about what data and information people should be allowed to access and least privilege is about ensuring that they can only access THAT data plus what they can do with it once they have access to it.
What’s the risk of using service accounts?
Because service accounts are machines, they can’t respond to password renewal requests from the domain controller. Developers have to ensure they manage this themselves.
Why is it not a good idea to delete a user account as soon as they leave, instead of just disabling it?
Deleting the account also deletes any encryption keys. If the user has encrypted any data, it won’t be able to be decrypted and recovered.
What are the two goals of credential management?
1) simplify managing credentials for users
2) ensure unauthorized people can’t access them
By what two other names is Role-Based Access Control known?
Hierarchy-based or job-based
What document would you create to map roles with related privileges?
A matrix
Regarding role-BAC, what would you assign a user to in Windows?
A Group (or security group)
What access control model does the below describe?
1) every object has an owner
2) the owner has full, explicit control over the object
3) NTFS uses this model
Discretionary Access Control
Fill in the blanks about Mandatory Access Control
1) the MAC model uses …. labels for …. and …
2) it is commonly used when access needs to be restricted based on ….
3) sensitivity labels often reflect BOTH … levels of data AND … granted to individuals
1) the MAC model uses SENSITIVITY (or security) labels for USERS and DATA
2) it is commonly used when access needs to be restricted based on NEED TO KNOW
3) sensitivity labels often reflect BOTH CLASSIFICATION levels of data (Top Secret etc) AND CLEARANCES granted to individuals
Access is defined by system administrators, TRUE or FALSE?
False. It is defined by security professionals and/or higher level entities in the organization.
The administrator establishes the access based on the definitions that come from above.
Which access control method uses attributes defined in policies and is commonly used by software-defined networks?
Attribute Based Access Control
What type of access control is based on an approved set of instructions, like an access control list on a router?
Rule-Based Access Control
What access model uses a lattice to illustrate the levels of security with data?
The Mandatory Access Control method
What access control method can modify the access automatically in response to an event?
Rule-based access control, e.g. an IPS device detecting an attack can change an ACL.