On-site Identity Issues Scenario:

Provided is two different local identity scenarios. For each, you should research the technology or situation described, and then write a written recommendation to handle the issue described.

In Part 3, you will review your answers and looks for potential flaws that remain.

Part 1: Emergency privilege escalation:

At Example Corp., administrative accounts are created and managed using a central identity and access management suite. This suite, as well as the company's central AAA servers, are hosted in redundant datacenter, and site-to-site VPNs normally connect those datacenter to multiple locations around the country.

Example Corp.'s system engineering department recently dealt with a major Internet connectivity outage, which also resulted in engineers being unable to log in to the systems at the sites where they worked. This meant that they were unable to work to fix the issues.

The engineers have requested that you identify a secure way to provide emergency, on-demand privileged access to local servers when th central AAA services are unavailable. You have been asked to provide a solution to central management that is both secure and flexible enough to allow authentication for network devices, servers, and workstations.

Part 2: Managing privilege creep:

A recent audit of Example Corp.'s file shares shows that many long-term employees have significantly broader right to files and folders than their current roles should allow. In fact, in some cases employees could see sensitive data that could result in negative audit findings in a pending external audit.

How would you recommend that Example Corp. handle both the current issue of privilege creep and the ongoing problem of ensuring that it does not occur in the future without seriously disrupting the company's operations?

Part 3: Review:

Review your recommendations to ensure that confidentiality, integrity, and availability are maintained. Did you provide a solution that covers each of these three areas?

1. Does your solution cover each of these areas (if appropriate)?

a. Personal

b. Endpoint devices

c. Servers

d. Services and applications

e. Roles and groups

2. If you were asked to conduct a penetration test of an organization that had implemented your recommendations, how would you approach attacking your solution?