1.4 KiB
1.4 KiB
Lab SEC-1: Security Controls and Account Privileges
Domain:
- 2.0 Security
Works on:
- Windows
- Linux
- Optional macOS
Goal
Practice identifying local account privileges and matching security controls to risks.
Windows Steps
Run:
whoami
whoami /groups
whoami /priv
net user
net localgroup
net localgroup administrators
Record:
- Current user:
- Is the user in Administrators?
- One group membership:
- One privilege listed:
- Any account/group that seems high risk:
Linux Steps
Run:
whoami
id
groups
sudo -l
Record:
- Current user:
- UID:
- Groups:
- Sudo allowed:
Optional macOS Steps
Run:
whoami
id
groups
Record:
- Current user:
- UID:
- Groups:
Control Matching
Match the best control:
- Stop vehicles from reaching a building:
- Prevent one person from following another through a secure door:
- Store privileged passwords and grant temporary admin access:
- Stop confidential files from being emailed:
- Require phones to use PINs and allow remote wipe:
- Authenticate once and access multiple cloud apps:
- Give users only the access required for their work:
What You Should Learn
- Local group membership affects privileges.
- Least privilege reduces risk.
- MFA proves identity using multiple factor types.
- DLP protects sensitive data from leakage.
- MDM centrally manages mobile devices and policies.
- PAM/JIT control privileged access.