4.7 Conduct periodic audits of system security settings.
Alongside other audits, it is also important to routinely audit system security settings. This includes group policies, user accounts and their access rights, and so on. Neglecting this type of audit leaves an open hole for a rogue or unauthorized user to gain access to important information. In this section, you’ll want to know how to complete the following audits and why each one matters:
- User access and rights review – A review of assigned resource privileges, determining who needs access to what. Privileges define how much information a user account can reach. User accounts are frequently set up under the Principle of Least Privilege, which grants an account only the bare minimum access needed for the user to perform their tasks. When a user finds a way to exploit their access privileges to reach information or rights they have not been assigned, this is known as privilege abuse. Oftentimes this abuse stems from administration errors, such as assigning new privileges to a user account while forgetting to remove the old ones. Other times the abuse is malicious: a hacker attacks the system and manipulates it to give themselves more privileges than they are entitled to.
- Storage and retention policies – As technology progresses and security needs evolve, the question arises of what needs storing and where the safest place to store data is. HIPAA (Health Insurance Portability and Accountability Act) and Sarbox (Sarbanes-Oxley Act 1996) dictate when and for how long data must be stored and secured in an organization’s system.
- Group policies – With group policy, one baseline can be established so that all computers on the company’s network use the same operating system configuration as defined in the company’s security policy. This makes it easier for the network admin to apply a policy across the entire system without building a baseline for each computer on the network individually.
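The user access and rights review above can be turned into a repeatable check: compare each account's granted privileges against a least-privilege baseline for its role and flag anything extra. The script below is an added example, not part of the original post; the role baseline, privilege names and account records are constructed sample data, and the stale/unexpected classification is a heuristic rather than an established standard.

```python
# Constructed least-privilege baseline: the privileges each role is supposed to hold.
ROLE_BASELINE = {
    "accounts_clerk": {"read_ledger", "post_invoice"},
    "hr_analyst": {"read_hr_records"},
    "sysadmin": {"read_ledger", "manage_users", "edit_group_policy"},
}

# Constructed account records: (username, current role, privileges actually granted).
ACCOUNTS = [
    ("alice", "accounts_clerk", {"read_ledger", "post_invoice"}),
    # bob moved from accounts_clerk to hr_analyst; the old privileges were never removed
    ("bob", "hr_analyst", {"read_hr_records", "read_ledger", "post_invoice"}),
    # carol holds a privilege that no role in the baseline grants at all
    ("carol", "accounts_clerk", {"read_ledger", "post_invoice", "dump_database"}),
    ("dave", "sysadmin", {"read_ledger", "manage_users", "edit_group_policy"}),
]


def review_access(accounts, baseline):
    """Return findings for accounts whose granted privileges exceed their role's baseline.

    Each excess privilege is classified as 'stale' (it belongs to some other role's
    baseline, the pattern left behind when an old role's privileges are not removed)
    or 'unexpected' (no role grants it, so it warrants investigation as possible
    manipulation). An account whose role is unknown has every privilege counted as excess.
    """
    known = set().union(*baseline.values())
    findings = []
    for user, role, granted in accounts:
        allowed = baseline.get(role, set())
        excess = sorted(granted - allowed)
        if not excess:
            continue  # account matches its least-privilege baseline
        findings.append({
            "user": user,
            "role": role,
            "stale": [p for p in excess if p in known],
            "unexpected": [p for p in excess if p not in known],
        })
    return findings


if __name__ == "__main__":
    for finding in review_access(ACCOUNTS, ROLE_BASELINE):
        print(f"{finding['user']} ({finding['role']}): "
              f"stale={finding['stale']} unexpected={finding['unexpected']}")
```

In practice the account records would be exported from the directory or system being audited, and every finding reviewed with the account owner before privileges are revoked.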