tailieunhanh - Lecture Information systems security - Chapter 8: Conducting security audits

After studying this chapter you should be able to: Define privilege audits, describe how usage audits can protect security, list the methodologies used for monitoring to detect security-related anomalies, describe the different monitoring tools. | Conducting Security Audits Contents Define privilege audits Describe how usage audits can protect security List the methodologies used for monitoring to detect security-related anomalies Describe the different monitoring tools Privilege Auditing A privilege can be considered a subject’s access level over an object Principle of least privilege Users should be given only the minimal amount of privileges necessary to perform his or her job function Privilege auditing Reviewing a subject’s privileges over an object Requires knowledge of privilege management, how privileges are assigned, and how to audit these security settings Privilege Management The process of assigning and revoking privileges to objects The roles of owners and custodians are generally well-established The responsibility for privilege management can be either centralized or decentralized Centralized and Decentralized Structures In a centralized structure One unit is responsible for all aspects of assigning or revoking privileges All custodians are part of that unit Promotes uniform security policies Slows response, frustrates users A decentralized organizational structure for privilege management Delegates the authority for assigning or revoking privileges more closely to the geographic location or end user Requires IT staff at each location to manage privileges Assigning Privileges The foundation for assigning privileges The existing access control model for the hardware or software being used Recall that there are four major access control models: Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role Based Access Control (RBAC) Rule Based Access Control (RBAC) Auditing System Security Settings Auditing system security settings for user privileges involves: A regular review of user access and rights Using group policies Implementing storage and retention policies User access and rights review It is important to periodically review user access privileges and rights Most organizations | Conducting Security Audits Contents Define privilege audits Describe how usage audits can protect security List the methodologies used for monitoring to detect security-related anomalies Describe the different monitoring tools Privilege Auditing A privilege can be considered a subject’s access level over an object Principle of least privilege Users should be given only the minimal amount of privileges necessary to perform his or her job function Privilege auditing Reviewing a subject’s privileges over an object Requires knowledge of privilege management, how privileges are assigned, and how to audit these security settings Privilege Management The process of assigning and revoking privileges to objects The roles of owners and custodians are generally well-established The responsibility for privilege management can be either centralized or decentralized Centralized and Decentralized Structures In a centralized structure One unit is responsible for all aspects of assigning or revoking .

• An ninh - Bảo mật
• Information systems security
• Lecture Information systems security
• Information security
• Conducting security audits
• Privilege audits
• Privilege management
• Security
• General Security Concepts
• Security Concepts
• network security
• computer network security
• Security terminology
• Bảo mật mạng
• Disaster recovery