CISSP考试指南笔记:5.9 访问控制实践

最新推荐文章于 2021-03-30 00:15:18 发布
最新推荐文章于 2021-03-30 00:15:18 发布
阅读量459 收藏
点赞数
分类专栏: CISSP备考资料
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xuzhina/article/details/113993306
版权

The following is a list of tasks that must be done on a regular basis to ensure security stays at a satisfactory level:

  • Deny access to systems to undefined users or anonymous accounts.

  • Limit and monitor the usage of administrator and other powerful accounts.

  • Suspend or delay access capability after a specific number of unsuccessful logon attempts.

  • Remove obsolete user accounts as soon as the user leaves the company.

  • Suspend inactive accounts after 30 to 60 days.

  • Enforce strict access criteria.

  • Enforce the need-to-know and least-privilege practices.

  • Disable unneeded system features, services, and ports.

  • Replace default password settings on accounts.

  • Limit and monitor global access rules.

  • Remove redundant resource rules from accounts and group memberships.

  • Remove redundant user IDs, accounts, and role-based accounts from resource access lists.

  • Enforce password rotation.

  • Enforce password requirements (length, contents, lifetime, distribution, storage, and transmission).

  • Audit system and user events and actions, and review reports periodically.

  • Protect audit logs.

Unauthorized Disclosure of Information

Object Reuse

Object reuse issues pertain to reassigning to a subject media that previously contained one or more objects.

Sensitive data should be classified (secret, top secret, confidential, unclassified, and so on) by the data owners.

剩余内容请看本人公众号debugeeker, 链接为CISSP考试指南笔记:5.9 访问控制实践

debugeeker
关注
专栏目录
CISSP学习指南:用于2018 CISSP考试的学习材料
02-05
CISSP学习指南:用于2018 CISSP考试的学习材料
CISSP学习详细笔记、错题,考点标黑标红
03-19
### CISSP 学习详细笔记与错题分析 #### 安全管理核心概念与原则 **保密性(Confidentiality)**: - **目的**:确保数据处于保密状态,阻止或最小化未授权访问(包括恶意攻击和无意识的人为错误)。 - **控制手段**...
OBSOLETE USER EXIT CALL
sun-hsh
01-09 904
环境信息: EBS----------------11.5.10.2 RDBMS-----------11.2.0.3.8 APP OS-----------Linux 4.5(32bit) DB OS-------------AIX6.1   Symptoms ebs11i升级数据库到11.2.0.3.8的工作完成。但是,今天客户测试功能时发现,在新建用户或者修改用户密码时,每当输
CISSP考试指南笔记:5.5 访问控制机制
debugeeker的专栏
02-14 229
Anaccess control mechanismdictates how subjects access objects. It uses access control technologies and security mechanisms to enforce the rules and objectives of anaccess control model. There are five main types of access control models: discretionary,...
CISSP考试指南笔记:5.1 访问控制概述
debugeeker的专栏
02-09 134
Access controlsare security features that control how users and systems communicate and interact with other systems and resources. They protect the systems and resources from unauthorized access and can be components that participate in determining the le.
CISSP考试指南笔记:5.10 访问控制监控
debugeeker的专栏
02-23 352
Intrusion Detection Systems Intrusion detection systems (IDSs)are different from traditional firewall products because they are designed to detect a security breach. Intrusion detection is the process of detecting an unauthorized use of, or attack upon,..
CISSP考试指南笔记:5.6 访问控制手段和技术
debugeeker的专栏
02-14 198
Constrained User Interfaces Constrained user interfacesrestrict users’ access abilities by not allowing them to request certain functions or information, or to have access to specific system resources. Three major types of constrained user interfaces exi.
CISSP考试指南笔记:1.19 道德
debugeeker的专栏
12-18 207
(ISC)2 requires all certified system security professionals to commit to fully supporting its Code of Ethics. Protect society, the common good, necessary public trust and confidence, and the infrastructure. Act honorably, honestly, justly, responsi
CISSP考试指南笔记:8.5 变更控制
debugeeker的专栏
03-30 297
Change managementis a systematic approach to deliberately regulating the changing nature of projects, including software development projects. Change Control Change controlis the process of controlling the specific changes that take place during the li..
CISSP考试指南笔记:1.3控制类型
debugeeker的专栏
12-14 288
Controls are put into place to reduce the risk an organization faces, and they come in three main flavors: administrative, technical, and physical. 控制措施是为了降低组织面临的风险,这些控制措施主要有三种:管理控制、技术控制和物理控制。 Administrative controls are commonly referred to as “soft contr
CISSP考试指南笔记:5.11 针对访问控制的攻击
debugeeker的专栏
02-23 457
Dictionary Attack Crack program hashes the dictionary words and compares the resulting message digest with the system password file that also stores its passwords in a one-way hashed format. If the hashed values match, it means a password has just been un
CISSP考试资料合集(含最新第八版教程指南).zip
08-19
CISSP考试辅导资料 CISSP历年考试习题 CISSP最新全套培训讲义(完整版) CISSP 2020年最新考生复习经验分享汇总 cissp 考试复习重点与做题方法(考生汇总) 国内顶级培训机构CISSP英文对照习题1000题 CISSP官方...
CISSP考试指南
06-18
在本文档,有关CISSP认证考试指南的内容较为有限,但可以推断出该指南主要面向希望考取CISSP认证的个人。文档提到了国民间信息安全学习群体和一个相关的网站***,以及“国盟信息安全基地”这几个关键词。这里...
CISSP学习笔记 CISSP关键知识点总结汇总.zip
01-05
CISSP学习笔记CISSP关键知识点总结汇总,以网上搜集到的CISSP学习资料为基础,补充修改了关键内容,不保证正确。 第一章 通过原则和策略的安全治理 第二章 人员安全和风险管理概念 第三章 业务连续性计划 第四章 ...
基于java网上球鞋竞拍系统设计与实现.docx
09-19
基于java网上球鞋竞拍系统设计与实现.docx
基于bert实现关系三元组抽取python源码+数据集+项目说明.zip
最新发布
09-19
基于bert实现关系三元组抽取python源码+数据集+项目说明.zip基于bert实现关系三元组抽取python源码+数据集+项目说明.zip基于bert实现关系三元组抽取python源码+数据集+项目说明.zip基于bert实现关系三元组抽取python源码+数据集+项目说明.zip基于bert实现关系三元组抽取python源码+数据集+项目说明.zip 个人大四的毕业设计、课程设计、作业、经导师指导并认可通过的高分设计项目,评审平均分达96.5分。主要针对计算机相关专业的正在做毕设的学生和需要项目实战练习的学习者,也可作为课程设计、期末大作业。 [资源说明] 不懂运行,下载完可以私聊问,可远程教学 该资源内项目源码是个人的毕设或者课设、作业,代码都测试ok,都是运行成功后才上传资源,答辩评审平均分达到96.5分,放心下载使用! 1、该资源内项目代码都经过测试运行成功,功能ok的情况下才上传的,请放心下载使用! 2、本项目适合计算机相关专业(如计科、人工智能、通信工程、自动化、电子信息等)的在校学生、老师或者企业员工下载学习,也适合小白学习进阶,当然也可作为毕设项目、课程设计、作业、项目初期立项演示等。 3、如果基础还行,也可在此代码基础上进行修改,以实现其他功能,也可用于毕设、课设、作业等。 下载后请首先打开README.md文件(如有),供学习参考。
基于java的足球赛会管理系统设计与实现.docx
09-19
基于java的足球赛会管理系统设计与实现.docx
基于java的婚纱摄影网的设计与实现.docx
09-19
基于java的婚纱摄影网的设计与实现.docx
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值