- Objective 1.1: Control access by applying the following concepts/methodologies/techniques
- Objective 1.2: Understand access control attacks
- Objective 1.3: Assess effectiveness of access controls
- Objective 1.4: Identity and access provisioning lifecycle (e.g., provisioning, review, revocation)

This section contains the answers to the “Can you answer these questions?” sections in this chapter.

Objective 1.1: Control access by applying the following concepts/methodologies/techniques

- A security policy. It has an overall goal of preventing loss of confidentiality, loss of integrity, and loss of availability of assets considered valuable by the organization.
- A detective control. It is being used after an incident to discover what occurred. Audit logs can also be used for access reviews and audits, but, in that case, the logs are a preventive control.
- An access control list (ACL) is directly associated with an object, and it lists subjects that can access it. An access control matrix combines a capability table with an ACL and lists all subjects and objects.
- Biometric systems with a low crossover error rate (CER) are better than systems with a high CER. The CER identifies where Type 1 errors (false reject rates) are equal to Type 2 errors (false accept rates).
- Service Assertion Markup Language (SAML) is used in federated identity management systems to share user information for single sign-on (SSO) between organizations in a federation.
- A database view is a constrained user interface.
- Audit trails require strong identification and authorization systems in place. If users are not uniquely identified or can easily be impersonated due to weak authorization, the data in the audit trails cannot be trusted.

Objective 1.2: Understand access control attacks

- Input validation. Buffer overflow attacks are possible when users can enter unexpected data into a system and access normally inaccessible memory spaces. Input validation checks the data before it is used and prevents this type of attack.
- All assets, including hardware, software, data, systems, and people, should be evaluated to determine their value.
- The primary purpose of vulnerability scans is to evaluate the effectiveness of security controls in enforcing security policies.
- Any person or organization can be a target of an APT. APTs are commonly thought to attack only military and government targets, but they have also targeted civilian organizations and individuals.

Objective 1.3: Assess effectiveness of access controls

- Create a second account for the user and give it elevated privileges. Instruct the user to use this account only when it is necessary to complete the tasks requiring the elevated privileges.
- A primary method of review includes the use of audit logs and audit trails. Another method is to identify who is assigned elevated privileges, such as by viewing membership in administrative groups.

Objective 1.4: Identity and access provisioning lifecycle (e.g., provisioning, review, revocation)

- Accounts are provisioned when they are first created and throughout their lifetime. Provisioning occurs each time privileges are added, and de-provisioning is the process of removing privileges that are no longer needed.
- Logs and audit trails are the primary method of reviewing the provisioning process. This requires the creation and proper management of logs and audit trails.
- Accounts should be disabled as soon as it’s known that they are not needed. When employees leave a company for cause, their account should be disabled during an exit interview.