Chapter 14

Security-Related Policies and Procedures

The Following CompTIA Security+ Exam Objectives Are Covered in This Chapter:

  • 2.2 Carry out appropriate risk mitigation strategies.
    • Implement policies and procedures to prevent data loss or theft
  • 5.2 Explain the fundamental concepts and best practices related to authentication, authorization, and access control.
    • Least privilege
    • Separation of duties
    • Time of day restrictions
    • Mandatory vacations
    • Job rotation
  • 5.3 Implement appropriate security controls when performing account management.
    • Mitigates issues associated with users with multiple account/roles
    • Account policy enforcement: Password complexity; Expiration; Recovery; Length; Disablement; Lockout
    • Group based privileges
    • User assigned ...

From CompTIA® Security+™: Study Guide, Fifth Edition.