Authorization functions is a process by which access to a particular

profileThehonest
 (Not rated)
 (Not rated)
Chat

1. Determining access controls 
Authorization functions” is a process by which access to a particular IT asset can be granted or denied, while access control is used to enforce the rules for authorization. There are several access control models, including "role-based" AC, "discretionary" AC, "mandatory" AC, and "attribute-based" AC. Imagine that, as the security administrator for a medium-sized retail-based organization with around 2000 users, you are tasked with determining the appropriate level of access for a new user in the Human Resources department. What approach would you take to determine access for this person? What methods would you use to verify that the choice of access controls is appropriate for this user?

2. Building an IDS framework 
Imagine that, as the security manager at XYZ Corporation, you are responsible for managing the intrusion detection environment. If you were given the ability to build the environment from scratch, would you use network-based IDS, host-based IDS, or a combination? Why? How would you structure your staff and organization to get the most out of your investment? Are there any strengths of one over the other that you may take into consideration? Which one is more expensive?

 

 

    • 8 years ago
    A+ Answers
    NOT RATED

    Purchase the answer to view it

    blurred-text
    • attachment
      colors85.docx