10.2.2 - Privileged Access Management and Security Principles

Flashcards for Network+ exam preparation.

What does the principle of least privilege mean?

A user is granted sufficient rights to perform their job and no more, mitigating risk if the account is compromised.

What is authorization creep?

A situation where a user acquires more and more rights, either directly or by being added to security groups and roles.

How can least privilege be ensured?

By closely analyzing business workflows to assess required privileges and by performing regular account audits.

What is separation of duties and why is it important?

It's a means of establishing checks and balances to prevent critical systems or procedures from being compromised by insider threats.

What is a privileged account?

An account that can make significant configuration changes to a host, such as installing software or disabling a firewall.

What does PAM stand for and what does it involve?

Privileged Access Management. Policies, procedures, and technical controls to prevent the malicious abuse of privileged accounts and mitigate risks from weak configuration control.

What are some general principles included in Privileged Access Management (PAM)?

Least privilege and separation of duties.