Access Control Administration
Detail the specifics of access control administration.
As with any aspect of security, setting it up is not the difficult part—it is the ongoing maintenance and enforcement that is the most difficult. Access control is no exception.
Access control essentially involves two pieces of information—a user ID and a password. This information must be set up and maintained for each user of the system. When a new employee starts at the company, she must be added in a timely fashion, and when someone leaves the company, the account must be disabled in just as timely a fashion.
IN THE FIELD: DISABLING VERSUS DELETINGNotice the key word when someone leaves the company—you disable her account; you do not delete her account. ... |
Get CISSP Training Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
