Question

• Explain the types of information that can be stored in an Active Directory user record.
• What are some of the additional tabs which are available in the Active Directory Users and Computers "Advanced Features" mode?
• What are some of the specific challenges and risks associated with account management in a large infrastructure?
• How can inadequate access controls or access management leave critical information vulnerable?
• What protections does encryption offer and how important is key management to keeping any encryption system secured?
• Consider a cloud-hosted Infrastructure as a Service (IaaS) environment with many users accessing these systems from all over the world. What advantages or challenges might there be managing these identities and associated keys?

Answer 1

`Hey,

Note: Brother if you have any queries related the answer please do comment. I would be very happy to resolve all your queries.

A)Types of information that can be stored in an Active Directory user record:

1.Active Directory user record, is the directory which consists of listing of objects.

2.This store information about

a)organizations,

b)sites,

c)computers,

d)users,

e)shares, and

f)about any other network object.

3.It has the ability to record different types of information about different objects.

4.Active directory trend towards relying on standard protocols which stores in an activity directory user record.

B) some of the additional tabs which are available in the Active Directory Users and Computers "Advanced Features" mode:

1.Password Expires:

This is a period of time which shows when the password expires.

2.Password Last Set:

Which shows the time when a user password has been changed.

3.User Account Control / Locked:

The account status has been shown whether it is enabled, disabled, locked.

4.Last logon (logoff) :

The time of the last logon and logoff of the user can be viewed domain controller.

5.Information on the counters informsthe failed and successful logons

6.SID, GUID information and SID History has been shown.

C)some of the specific challenges and risks associated with account management in a large infrastructure:

1.There is an inherent conflict between the aspiration of data to limit the number of records and volatility of potential future.

2.It is important to maintain flexibility to respond to unforeseen changes over the life cycle of a project when there is larger infrastructure.

3.It requires an end-to-end risk-management view, as opposed, individualized process-step responsibility when the capacity of data is vulnerable.

4.The mitigation capabilities causes risks with account management in a large infrastructure.

D)Inadequate access controls or access management leave critical information vulnerable:  

1.If there is no proper access management,there will be problem in loosing security of which data is viewed by whom.

2.It is important to access and maintain employees only to access their job or function.

3.There is no urgency to remove access at any time before checking data concurrency.

4.Major problem with incorrect access management is audits and compliance issues.

E)protections does encryption offer and how important is key management to keeping any encryption system secured:

1.Private key and public key gives protection which improves complexity, and in particular this means dealing with encryption keys.

2.It Encouraged organisations to encrypt their data more and more,removable media such as tapes and mobile devices like laptops.

3.checking the protection of ensure the central key repository.

4.It provides a public key to encrypt data and a private key to decrypt data.

F)Advantages or challenges might there be managing these identities and associated keys:

1.Insufficient iteration between client and contractor's top team is the challange in managing associated keys

2.Proactive risk activation is a major advantage in cloud-hosted Infrastructure as a Service (IaaS) environment with many users accessing these systems.

3.On site visual management and onsite change handling can be done in cloud hosted Iaas.

4.Consistency over management approval of multiple adjustments.

G)Tools and processes demonstrated in the lab might be used by an infrastructure administrator to help secure an environment:

1.Industry experts and security professionals,responsible for software security are using this infrastructure administrator to help secure an environment.

2.These tools are used in Measuring Security in the economics of insecure software.

3.This brings deeper understanding of the vulnerabilities to the security reasons.

4.Helps in economics and security for the study of academic researchers.

5.It helps in perform various levels of testing.

6.It helps in to understand the scope of security,develops mindset.

7.Helps in the understanding of right tools to specifically disallowed use case.

8.Use Source Code When Available during a black box engagement.

9.Brings the testing techniques to understand more.

10.Document of test results can be formed using this tool.

Kindly revert for any queries

Thanks.