Security Basics mailing list archives

Re: 'Read only' Admin privileges for Active Directory environment?

From: "Saqib Ali" <docbook.xml () gmail com>
Date: Fri, 30 Jun 2006 10:59:01 -0700

How do you prove the evidence was not planted by someone else with admin
privileges? If you try to monitor an admin worth his money you will
fail. Period.


???? . This make no sense. If someone outside your IT Administration
Team has an admin password, then you have bigger problems. It shows
that you don't have proper process in place for securing the
administration accounts.

The idea is to have limited number of people access to the admin/root
password. So that minimum number of people need to be investigated in
case of a fraudulent activity.


--
Saqib Ali, CISSP, ISSAP
Support http://www.full-disc-encryption.com

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE

The NSA has designated Norwich University a center of Academic Excellencein Information Security. Our program offers unparalleled Infosec managementeducation and the case study affords you unmatched consulting experience.Using interactive e-Learning technology, you can earn this esteemed degree,without disrupting your career or home life.


http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

Re: 'Read only' Admin privileges for Active Directory environment? Raoul Armfield (Jul 04)
- <Possible follow-ups>
- Re: 'Read only' Admin privileges for Active Directory environment? Saqib Ali (Jul 04)
- Re: Re: 'Read only' Admin privileges for Active Directory environment? sfmailsbm (Jul 05)
  - Re: 'Read only' Admin privileges for Active Directory environment? Raoul Armfield (Jul 06)