O'Reilly logo

CISSP Training Kit by David R. Miller

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Authentication, authorization, and auditing

In most workplaces, different workers perform different jobs, have different information access needs, and therefore require different privileges to manage their access requirements. Management must have some way to trust that only the authorized users are accessing only the content they are authorized to access. To maximize security, most information systems default to a state of no access and then only specifically grant Allow access permissions to provide access. Remember that this granting of allow permissions should always follow the principle of least privilege, allowing only the minimum level of privilege a user must have to perform his assigned work and no more privilege than that.

Before privileges ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required