You have submitted a detail investigation report along with key statics in previous challenge. CISO has presented the risk summary to the senior management and received the approval for this to be listed as a priority item to be budgeted for in this FY.
As next steps, she wants you to conduct remediation of the identified high risks items from the report. This remediation experience should be expended to include various ways an organisation can take to mitigate over-provisioned permissions. As part of this challenge, you will go through remediation of Groups as well as individual Identities and look at how to cater to out-of-band permission requirements.
In-order to complete this challenge you need to do the below task:
After you have completed the exercise, your CISO wants you to submit a summary of findings which highlights the ease of identifying right-sized permissions for a user / group and implementing role changes to make it effective. He would also like to identify options of pushing the remediation activities through your change management cycle.
Your CISO would like to see how these changes positively impact PCI trend and shows improvement in the organisations posture in this space.
| Introduction | Background | Challenge 1 | Challenge 2 | Challenge 3 | Challenge 4 | Challenge 5 | Summmary |
|---|---|---|---|---|---|---|---|
| link | link | link | link | link | link | link | link |