Phase 5

Managing User Accounts

The weakest link in the security of an enterprise is its users. Your job as a security administrator is to implement the strongest security possible. Through user-account management, you can introduce security controls that will help strengthen the security of your information systems.

The user-account controls take the form of creating user accounts with a standardized account template to establish the baseline permissions, implementing a strong password policy, auditing failed logons to detect password-cracking attacks, securing default accounts, and implementing Deny groups on sensitive content.

The tasks in this phase map to Domains 1, 3, and 4 objectives in the CompTIA Security+ exam (www.comptia.org/certifications/listed/security.aspx).