Infosavvy Security and IT Management Training
CISSP Privileged Account Management – Bk1D7T5St3

Since privileged accounts allow users to perform sensitive functions that could cause grave damage to the organization if misused, whether maliciously or accidentally, the issuing of privileged access must be rigorously controlled.

Creating and Issuing Privileged Accounts

Privileged access should be issued according to policies and procedures that do the following:

  • Define a list of the positions/roles that need privileged access rights and specifically to which information systems and components of each system the access is needed.
  • Require unique, identifiable accounts for attribution/nonrepudiation and prohibit the use of shared accounts and generic account names like Administrator.
  • Define expiration of privileged access rights wherever possible. Discourage issuing privileged access indefinitely by default, and encourage and enable issuing these rights on an as-needed basis, for the minimum necessary period. All privileged access should necessarily be temporary and renewed only according to operational needs.
  • Assign privileged access rights to a separate account from those used for daily activities; each privileged user should also have a nonprivileged account.
  • Every privileged access to a data set should be granted/revoked by the data owner.

Protecting Privileged Accounts

Privileged access accounts should be protected according to policies and procedures that do the following:

  • Require users to log out of their privileged access accounts when performing any functions that do not require privileged access.
  • Require the use of multifactor authentication for network access to privileged accounts.
  • Implement replay-resistant authentication mechanisms for network access to privileged accounts, such as Transport Layer Security (TLS) and challenge-response one-time authenticators.
  • Use stronger password restrictions than are mandated for regular user accounts; this can include elevated password complexity, more frequent change requirements, and a lower lockout threshold for failed login attempts.
  • Employ increased logging and monitoring of privileged activity compared to basic user access.

Reviewing and Monitoring Privileged Accounts

Privileged accounts need to be monitored and reviewed regularly. Consider the following:

  • Verify that the documentation that maps positions/roles to specific privileged access rights is current and accurate.
  • Define a process and mechanism to collect and aggregate the current list of privileged account holders across all platforms.
  • Perform a review of current users with privileged access rights:
    • Do their current tasks and skillsets align with the rights they have?
    • For all systems where access is applicable, have they used the privileged access recently? Do they still need privileged access?
    • Based on audit logs, have they used their privileged access account to perform daily tasks that did not require the permission level of the account?

Data owners should review privileged access to all data stores/systems under their purview more frequently than normal user access accounts.
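The review checks above (expired grants, access not used recently, privileged accounts used for daily tasks, and a register that no longer matches reality) can be automated over the aggregated account list and audit logs. The following is an added example, not part of the original article; the register format, the action names, the 90-day inactivity threshold and the log entries are all constructed for illustration.

```python
from datetime import date, timedelta

INACTIVITY_DAYS = 90  # assumed threshold for "not used recently"; match it to your review cycle
REVIEW_DATE = date(2024, 6, 30)  # constructed date on which the review is run

# Actions that genuinely need elevation; anything else done from a privileged
# account suggests it is being used for daily work (hypothetical action names).
PRIVILEGED_ACTIONS = {"ALTER ROLE", "GRANT", "RESTART SERVICE", "EDIT FIREWALL"}

# Constructed register of issued privileged rights: holder, system, expiry of the grant.
PRIV_REGISTER = [
    {"user": "adm-alice", "system": "db-prod",  "expires": date(2024, 12, 31)},
    {"user": "adm-bob",   "system": "db-prod",  "expires": date(2024, 3, 31)},
    {"user": "adm-carol", "system": "web-prod", "expires": date(2024, 9, 30)},
]

# Constructed audit log entries: (date, account, system, action).
AUDIT_LOG = [
    (date(2024, 6, 28), "adm-alice", "db-prod",  "ALTER ROLE"),
    (date(2024, 6, 29), "adm-alice", "db-prod",  "READ MAIL"),
    (date(2024, 6, 29), "adm-alice", "db-prod",  "BROWSE INTRANET"),
    (date(2024, 2, 10), "adm-bob",   "db-prod",  "GRANT"),
    (date(2024, 6, 1),  "adm-carol", "web-prod", "RESTART SERVICE"),
    (date(2024, 6, 15), "adm-dave",  "fw-edge",  "EDIT FIREWALL"),
]


def review_privileged_access(register, log, review_date, inactivity_days=INACTIVITY_DAYS):
    """Return sorted (user, system, finding) tuples for the reviewer to act on."""
    cutoff = review_date - timedelta(days=inactivity_days)
    findings = []
    for grant in register:
        user, system = grant["user"], grant["system"]
        entries = [e for e in log if e[1] == user and e[2] == system]
        # 1. Rights are meant to be temporary: flag grants whose expiry has passed.
        if grant["expires"] < review_date:
            findings.append((user, system, "expired"))
        # 2. Not used within the window: the access may no longer be needed.
        if not any(e[0] >= cutoff for e in entries):
            findings.append((user, system, "inactive"))
        # 3. Privileged account used for tasks that never needed elevation.
        routine = sum(1 for e in entries if e[3] not in PRIVILEGED_ACTIONS)
        if routine:
            findings.append((user, system, f"routine-use:{routine}"))
    # 4. Privileged actions from an account/system pair the register does not list.
    registered = {(g["user"], g["system"]) for g in register}
    for _, user, system, action in log:
        if action in PRIVILEGED_ACTIONS and (user, system) not in registered:
            findings.append((user, system, "unregistered"))
    return sorted(set(findings))
```

Calling `review_privileged_access(PRIV_REGISTER, AUDIT_LOG, REVIEW_DATE)` on the constructed data flags adm-alice for routine use, adm-bob as both expired and inactive, and adm-dave as a privileged user missing from the register; each finding maps to one of the review questions above.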

Copyright © 2025 Infosavvy Security and IT Management Training | Certification Partner InfoCerts.com