Assume you are the IT manager for a large international organization. You have been asked to assess the company’s information systems and security controls.
Describe identification, authentication, and authorization.
Explore whether or not you would use Windows ACLs and explain your reasoning.
Evaluate best practices for managing Microsoft Windows and application vulnerabilities.
Keep in mind, we are more interested in your ability to describe the steps you would take to review security goals than providing an answer to this scenario. Remember the strategy of Think, Plan, Design, Implement, and Evaluate.