Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our session management and accountability module. It is important to make sure that we are managing users' sessions appropriately to ensure the security of our systems. Once a user is authenticated and has logged into the system, their configuration profile will be loaded to determine what resources they have access to and any settings that need to be applied.
The Department of Defense requires that users close their computer sessions by removing their common access card, or CAC whenever they walk away from the system. Most business environments will require users to lock their system by pressing ctrl+alt+delete and then clicking on lock this computer or using the shortcut key, the Windows Key plus L.
Screensavers are also helpful to lock a system that a user forgot to secure before leaving their desk. They can lock the system after a certain number of minutes of inactivity. And when the user returns to the system, they'll be required to reauthenticate to access a locked system. It is critical that we have logging or auditing in place to make sure that users are accountable for their actions.
We also use these logs to determine if our security controls are being enforced appropriately to detect malicious activity. And once this activity has been detected, we can use the logs to take corrective measures and close any security gaps that we may have previously missed. Once an incident occurs, we can use logs as an investigative tool during the incident response process to determine how the attack occurred and also to determine how we can prevent future attacks.
We have several different ways that we can use auditing in our systems to increase security. We can use real-time auditing to detect intrusions and let our administrators know of potential problems. We can also use SIMs, security information and event management, or security event management systems. These are automated solutions that review our logs and provide alerts to our administrators when they detect an anomaly or other security concern.
You will most likely see the term SIM on the CISSP exam. You should be familiar with the fact that the SIM has the benefit of collecting logs from multiple different servers, systems, and other devices, and correlating them to determine if there are any problems. We can also review logs for past activity manually, this is not ideal because an incident could occur and the attacker could have days, weeks, or even months before someone detects it during a manual log review.
In order to have a well protected environment you should combine all of these types of logging and auditing. In order to detect any anomalies, any incidents, or intrusions, as well as make sure that your employees are properly following your security policies and procedures. This concludes our session management and accountability module.
Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!