From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)
Join today to access over 23,200 courses taught by industry experts.
Authorization
From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)
Authorization
- Authorization is the final step in the access control process. Once an individual successfully authenticates to a system, authorization determines the privileges that individual has to access resources and information. Now, before we talk about the different ways that you can implement authorization, let's talk about an important underlying principle. The principle of least privilege. Now the least privileged principle says that an individual should only have the minimum set of permissions necessary to accomplish their job duties. Least privilege is important for two reasons. First, least privilege minimizes the potential damage from an insider attack. If an employee turns malicious, the damage they can cause will be limited by the privileges assigned to them by their job role. It's unlikely, for example, that an accountant would be able to deface the company website because an accountant's job responsibilities have…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.