Logical Access Control – Least Privilege
If you plan on taking theÂ Security+Â exam you should have a good understanding of the various logical access controls including the principle of least privilege. These controls restrict access to the logical network as opposed to restricting access to the physical areas of a building or physical access to devices within the network.Â This blog is an excerpt from theÂ CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.
The principle of least privilege is an example of a technical control that uses access controls. Privileges are the rights and permissions assigned to users. Least privilege specifies that individuals and processes are granted only the rights and permissions needed to perform assigned tasks or functions, but no more. For example, if Joe needs to print to a printer, you should grant him print permission for that printer, but nothing else.
This principle also applies to administrators. Not every IT administrator needs full administrative rights on every device within the network. If an administrator only needs to be able to review logs and update specific network devices, the administrator should be given appropriate access to these logs and devices, and no more.
Least privilege is a technical control. It specifies that individuals or processes are granted only those rights and permissions needed to perform their assigned tasks or functions.
A colleague shared an extreme example of how this principle was violated where he worked. He was the lone IT administrator, and no matter how much he asked for help, his boss was never able to get him additional staff. The company grew, and he found he was fielding many complaints because users didnâ€™t have the access they needed. He knew he needed to improve the administrative model with groups and roles, but he just didnâ€™t have enough time.
The users complained to his boss, who then put pressure on him. The bossâ€™s direction was simply: â€œFix this problem!â€
Ultimately, he put all the users into the Domain Admins group. In a Windows Active Directory domain, the Domain Admins group has full rights and permissions to do anything and everything in a domain. Suddenly, all the users had full privileges. This was the equivalent of lighting the fuse on a time bomb. It would only be a matter of time before users purposely or accidentally caused problems with their newfound permissions.
Ironically, his boss was happy because the users stopped complaining. I heard from him a couple of months later. One of the users found payroll data on the network and discovered the salaries of other employees. It spread through the company quickly and caused a significant amount of infighting. At that point, his bossâ€™s boss wasnâ€™t very happy.
It takes a little time and effort to implement role-based access control with groups. However, it reduces overall administration and helps to implement the principle of least privilege.
Security+ Study Resources
Looking for quality practice test questions?
468 Quality Security+ Practice Test Questions
Special Introductory PricingÂ
Full bank of 468 realistic practice test questions with in-depth explanations.Â All questions include explanations so you’ll know why the correct answers are correct, and why the incorrect answers are incorrect. This way no matter how CompTIA words the questions, you’ll be able to answer them correctly. These questions are from theÂ CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.
Multiple quiz formats to let you use these questions based on the way you learn.
- Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation.
- Learn mode – not randomized.Â View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation.
- Test mode – randomized.Â View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test.
- Test mode – not randomized.View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test.
- Test mode – 100 random questions. View 100 random random questions from the full test bank similar to how the Security+ exam has a potential maximum of 100 multiple choice questions.Â In test mode, you can only see the correct answers and explanations after you complete the test.
Pass the Security+ exam the first time you take it with the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.
|You’ll be ready to take and pass the exam the first time you take it.|
Learn by Listening
Supplement your studies with Security+Â audio filesÂ read directly from the CompTIA Security+ Get Certified Get Ahead SY0-301 book.Â A total of over 4 hours and 40 minutes are now available.
Supplement your studies with Security+ audio files you can listen to while on the go. Listen to key topics from all the chapters of the top sellingÂ CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide, or focus on just the topics you want to brush up on.
Note that these audio files are not the entire 556 page book which could easily be forty hours of listening time. Instead, they focus on key information to supplement your studies.
Choose from one of two audio downloads currently available or get them both:
- Remember This Blocks – CurrentlyÂ only $5.99
- Questions and Answers – CurrentlyÂ only $7.99
You can get either theÂ Remember ThisÂ audio from the book to reaffirm key testable concepts, or theÂ Practice Test Questions and AnswersÂ audio which includes full explanations to help you understand why the correct answers are correct, and why the incorrect answers are incorrect.
Listen on your iPod or MP3 player.
Note: These audio files are for theÂ SY0-301 edition of the Get Certified Get Ahead Security+ book.
Free sampleÂ from chapter 8 available for a limited time. This audio sample includes the Remember This blocks from chapter 8 which are key topics to know for the exam.
|Buy the Questions and Answers audio here.Audio files read directly from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study GuideÂ by a professional voice actor.||Buy the Remember This audio here.|
Audio files read directly from the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide by a professional voice actor.
Practice Test Questions
|Check your readiness for the Security+ exam with theÂ CompTIA Security+ SY0-301 Practice Test Questions (Get Certified Get Ahead)|
book. Available in both paperback andÂ Kindle format.
You can downloadÂ free Kindle applications for just about any device from here.
|The book is organized in six chapters matched to the six Security+ domains.Each chapter in the Kindle edition includes three sections:|
Additionally, the acronym list at the end of the book provides relevant details on many of the acronyms referenced in the Security+ exam.
|Practice test questions for your mobile devices. Learnzapp has apps for a wide assortment of mobile devices including Apple, Android, Amazon, Nook, and Blackberry.|