Chapter 11. Privilege Management, Forensics, Risk Identification, Education, and Documentation

Chapter 11. Privilege Management, Forensics, Risk Identification, Education, and Documentation

Terms you'll need to understand:

• Privilege management

• Access control

• Mandatory Access Control (MAC)

• Discretionary Access Control (DAC)

• Role-Based Access Control (RBAC)

• Risk assessment

• Vulnerabilities

• Acceptable use

• Forensics

Techniques you'll need to master:

• Knowing the differences between user -based, group -based , and Role-Based Access Control models

• Understanding the basic steps involved in performing a risk assessment for an organization

• Understanding the steps involved in forensic analysis of data

After securing both physical and network access, as discussed in Chapter 10, "Organizational Security," it is necessary to plan for proper privilege management over network resource access as well as to plan for later security auditing and incident-response standards. This chapter will look at models of privilege management and basic details relating to risk identification, education, documentation, and post-incident forensics. This chapter will not attempt to cover all possible avenues of risk assessment and response management but will provide you with the necessary details for the exam. Additional resources are detailed at the end of the chapter.