Account Management 4.4 Flashcards
Least Privilege
Rights and permissions should be set to the bare minimum. Users should only get exactly what they need. All user accounts must be limited, and apps should run with minimal privileges. Don’t allow users to run with admin privileges.
On-Boarding (New hires or Transfers)
IT agreements need to be signed, and may be a part of the employee handbook or a separate acceptable use policy. IT will create the accounts and associate the user with the proper groups/depts, then provide them with the appropriate hardware for their job.
Off-Boarding
You need a process for the issued hardware and for the user’s data, which involves both the people still working there and the people replacing this person. Many orgs only deactivate the account because you can lose critical data by deleting accounts.
Perform Routine Audits
Is everyone following the policy? You have to police yourself. Make sure the audits are scheduled; they can even be automated. The logs/alerts will tell you about issues that need to be resolved.
Auditing
Permissions auditing makes sure everyone has the correct permissions. Some admin accounts don’t actually need their admin access. Schedule recertifications. You may also want to do a resource usage audit: where are people storing files, and are the systems in use secure? Time-of-day audits help you provide security. If someone is using certain machines at certain times of the day, it may be something you need to know.
Standard Naming Convention
Every user needs a unique user name. Keep the same user name across multiple systems. The user name formats should be consistent. They should also not describe a role or status within the org. Their user name should never change during their employment. Memorable user names are good for users.
Account Maintenance
Initial account setup, then password management, then group and permission assignments. Then force constant password updates and audit user permissions. Eventually you will disable the account, and archive user documents and encryption keys.
Group-Based Access Control
Set group privileges based on what the group does. Put many users into a single group. Add/remove users from the group to give/take privileges. Users can be members of multiple groups.
Location-Based Policies
User access can be based on location.