Course Hero Logo

A strong password should require both upper and

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 23 - 26 out of 30 pages.

A strong password should require both upper and lowercase case characters. It alsomakes the password less susceptible to brute force attacks because the size of thepossible character set is significantly increasing. It dramatically increases the possiblepermutations that must be tried by a password cracking engine to identify the password.A strong password should also contain numbers. Optionally, they can also containnonalphanumeric characters. Again, these factors make the password more difficult tocrack because the size of the possible character set increased again. For example, apassword of a cat could probably be interpreted in a few hours by a password crackingengine. However, a password that looks like this would likely take years to break.Personally Identifiable Passwords[17]You should also train your users not to use passwords that contain personallyidentifiable words, such as your name, birth date, spouse's name, child's name, pet'sname, anniversary date, and hometown. It is a common mistake. To make passwordseasier to remember, end-users commonly use these kinds of words for their passwords.However, this is an insecure practice.Password Rotation23
Passwords also need to be rotated. A user should not have the same password for anextended period. The longer a password is used, the greater the chance that it will becompromised. The more frequently a password is rotated, the less time there will be tobe exposed.The password rotation interval will vary between organizations. For example, if you workin a high-security organization, you will likely be rotated user passwords every couple ofweeks. Other organizations might turn in passwords every 30, 60, or 90 days.File and Folder PermissionsAnother thing you can do to enhance workstation security is to control access to data byimplementing file and folder permissions. According to the principle of least privilege,customers should only access the files and folders required to do their job and no more.To restrict access, you can assign permissions to the system's files and folders toexplicitly limit user access.Guest User Account[18]Another point you can do is disable the guest user account. Some older versions ofWindows included a guest user account to provide unauthenticated guest access to thesystem. Because the guest account is not required to supply a password to log on, itrepresents a security risk. This account disables by default, which recommends. If it isnot disabled, you should manually disable this account.AutoRun24
Another issue to be aware of is AutoRun. If you insert a CD, DVD, Blue-Ray, or USBdrive into an optical drive on most Windows systems, and AutoRun dialog appearsasking you if you want to run the content on the device. Depending upon how thesystem configures, it will automatically run without prompting you. It represents asecurity issue. If the AutoRun content contains malware, could use the disk to spread it.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 30 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
N/A
Tags

Newly uploaded documents

Show More

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture