best practices Flashcards
this principle states that users or groups are given only the access they need to do their job
principle of least privilege
this is when users or groups are not specifically given access to a resources and denied access
implicit deny
this is when users or groups are specifically given access to a resources and denied access
explicit allow
this is when users or groups are not allowed access to a resources and denied access
explicitly deny
this describes the restriction of data that is highly sensitive and is usually referenced in government and military context
need to know
this is having more than one person required to complete a task
separation of duties
this is when users are crossed trained in multiple job positions and where responsibilities are regularly rotated between personnel
job rotation
this access control method implements multiple access control methods instead of relying o a single method
defense-in-depth
this occurs when a users job position changes and they are granted a new set of access privileges and their pervious access privileges are not removed or modified
creeping privileges
this stores a users authentication credential for multiple systems
credential management system
in a windows network, these policies allow you to create password policies for users and global groups separate from the password policies applied to the entire domain
fine-grained
when a users account is disabled after incorrect login attempts; this is called
account lockout
it identifies the number of incorrect attempts allowed before the account is locked
account lockout threshold
it identifies the length of time the account will be disabled
account lockout duration
this setting identifies the period of time during which invalid password are entered
reset account lockout counter after
