Activity $2$: On$-$Site Identity Issues Scenario

In this activity, you will be provided with two different local identity scenarios. For each, you should

research the technology or situation described, and then write a written recommendation to handle

the issue described. In Part $3,$ you will review your answers and look for potential flaws that remain.

Part $1$: Emergency privilege escalation

$3$

At Example Corp., administrative accounts are created and managed using a central identity and

access management suite. This suite, as well as the company's central AAA servers, are hosted in

redundant datacentres, and site$-$to$-$site VPNs normally connect those datacentres to multiple

locations around the country.

Example Corp.$\text{'}$s systems engineering department recently dealt with a major internet connectivity

outage, which also resulted in engineers being unable to log in to the systems at the sites where they

worked. This meant that they were unable to work to fix the issues.

The engineers have requested that you identify a secure way to provide emergency, on$-$demand

privileged access to local servers when the central AAA services are unavailable. You have been asked

to provide a solution to central IT management that is both secure and flexible enough to allow

authentication for network devices, servers, and workstations.

Part $2$: Managing privilege creep

A recent audit of Example Corp.$\text{'}$s file shares shows that many long$-$term employees have significantly

broader rights to files and folders than their current roles should allow. In fact, in some cases

employees could see sensitive data that could result in negative audit findings in a pending external

audit.

How would you recommend that Example Corp. handle both the current issue of privilege creep and

the ongoing problem of ensuring that it does not occur in the future without seriously disrupting the

company's operations?

Part $3$: Review

Review your recommendations to ensure that confidentiality, integrity, and availability are maintained. Did you provide a solution that covers each of these three areas?

Does your solution cover each of these areas $($if appropriate$)?$

$$ Personnel

$$ Endpoint devices

$$ Servers

$$ Services and applications

$$ Roles and groups

If you were asked to conduct a penetration test of an organization that had implemented your

recommendations, how would you approach attacking your solution?