Security+ 5 Flashcards
SQL Server Authentication : uses local database user accounts, Windows Authentication : uses underlying server user accounts, Mixed Authentication : uses both SQL Server and Windows Authentication. Role-based authorization manages permissions through roles that are assigned to users by admins. Account-based authorization manages permission by making explicit permission grants to each account.
Job Rotation : regularly move people between jobs to prevent fraud and gain experience etc …
info …
Account Management Life Cycle : administrator new users to systems and have correct entitlement to job role, modifying those roles when user changes jobs or users job requires new access, reviewing access on regular basis, and removing any unnecessary access after re-certification and removing access of terminated users.
GPO : applies config settings to users and computers.
Attestation : formal approval of user privileges.
info …
Provisioning : after on-boarding, admins create authentication credentials and grant appropriate authorization.
De-provisioning : during off-boarding process, admins disable accounts and revoke authorizations at appropriate time.
Routine Workflow : disables accounts on scheduled basis for planned departures. Emergency Workflow : immediately suspends access when user is unexpectedly terminated.
info …
Cryptography : use of math algorithms to transform info into a form that is not readable by unauthorized individuals. But does permit authorized person(s) to transform it back into readable form.
Nonrepudiation is only possible w/asymmetric cryptography.
info …
