Evaluate critical operating system security parameters.

Evaluation should include establishing or following

• authentication policy
• access control (i.e., rights and permissions)
• audit policy.

Process/Skill Questions:

• What is a user authentication policy? Why is it important to implement physical and digital access policies? What types of authentication protocols can be used for network access?
• How does an organization or business benefit from a user authentication policy?
• How can access control systems reduce the risk of data breakers and other cyber-attacks?
• How can an audit policy assist with file server access and tracking changes to data security settings? Who is accessing files and folders, and audit file permission changes on a server?