Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ SY0-501 by Glen E. Clarke > Ch11 - 11.03 Implementing Access Control > Flashcards

Ch11 - 11.03 Implementing Access Control Flashcards

1
Q

User Account Types

A
  1. User account (Everyone should have their own)
  2. Shared and generic accounts/credentials (Nope, don’t even bother from the auditing point of view)
  3. Guest account
  4. Service account
    The user account that you associate with a piece of
    software is known as a service account because it is a feature that is used by services running within the operating systems as well
  5. Privileged account
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Common Rights in Windows

A

Access this computer from the network
This right controls who is allowed to connect to the system from across the network.

Allow log on locally
This right controls who is allowed to sit at the computer and log on.

Back up files and directories
This right controls who can do backups on the system.

Change the system time
This right controls who is allowed to adjust the time on the computer.

Take ownership of files or other objects
This right controls who is allowed to take ownership of files, folders, or printers. The owner of a resource is allowed to change the permissions on the resource at any time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Right vs. Permission

A

A right is someone’s privilege to perform a task,

While permission is someone’s level of access to a resource.

For example,
the Authors group was given the Modify permission to the Publications folder. The Authors group was not given the Modify right. The opposite is true as well—the Authors group was given the right to perform backups, not the permission to perform backups!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Lists the Types of Group Policies by Location

A

Local
A local policy is a policy that is configured on one system, the system you are running the Group Policy Object Editor on. To configure local policies, you can create a custom Microsoft Management Console (MMC) and add the Group Policy Object Editor.

Site
You can deploy a group policy to an Active Directory site, which has the capability of applying to multiple domains in that site.

Domain
You can apply a group policy at the domain level so that it affects all users and computers in the Active Directory domain

Organization unit (OU) 
You can apply a group policy at the OU level so that the policy applies only to a small group of users or computers.

** The location of the policies just listed also determines the processing order of those policies. For example, when a computer starts up, it first applies its local policy, then applies the site, domain, and any OU policies. The reason I mention this is because if you have a conflicting setting between the four policies, the last one applied wins (which normally ends up being the domain or OU policy). **

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Account Restrictions

A
  1. Account Expiration
  2. Time-of-Day Restrictions
  3. Account Lockout
  4. Account Disablement (Unused Accounts)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CompTIA Security+ SY0-501 by Glen E. Clarke (48 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions