{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Module Two

Strict hiring practices employment agreements

Info iconThis preview shows pages 2–4. Sign up to view the full content.

View Full Document Right Arrow Icon
strict hiring practices, employment agreements, friendly and unfriendly employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks. Polices and procedures, job rotation, sharing of responsibilities Technical Logical system controls, smart cards, bio-metrics, menu shell IDS, logging, monitoring, clipping levels Physical Restrict physical access, guards, man trap, gates Motion detectors, cameras, thermal detectors Identification and Authentication Identification establishes accountability Three Factor Authentication n Something you know (password) n Something you have (token) n Something you are (biometrics) Sometimes - something you do Passwords n Static – same each time n Dynamic – changes each time you logon Tokens – Smartcards Static Password (like software with pin) n Owner Authenticates to the token n Token authenticates to the system Synchronous Dynamic Password n Token – generates passcode value n Pin – user knows n Token and Pin entered into PC n Must fit in valid time window
Background image of page 2

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Asynchronous n Similar to synchronous, new password is generated asynchronously, No time window Challenge Response n System generates challenge string n User enters into token n Token generates response entered into workstation n Mechanism in the workstation determines authentication Biometrics – something you are n Identify – one to many n Authenticate – one to one False Rejection Rate (FRR) – Type I error False Acceptance Rate (FAR) – Type II error Crossover Error Rate – (CER) – CER = % when FRR = FAR Biometric Issues n Enrollment Time – Acceptable rate is 2 minutes per person n Throughput Time – acceptable rate is 10 people per minute Acceptability Issues – privacy, physical, psychological Types of Biometrics n Fingerprints : Are made up of ridge endings and bifurcations exhibited by the friction ridges and other detailed characteristics that are called minutiae. n Retina Scans: Scans the blood-vessel pattern of the retina on the backside of the eyeball. n Iris Scans: Scan the colored portion of the eye that surrounds the pupil. n Facial Scans: Takes attributes and characteristics like bone structures, nose ridges, eye widths, forehead sizes and chin shapes into account. n Palm Scans: The palm has creases, ridges and grooves throughout it that are unique to a specific person. n Hand Geometry: The shape of a person’s hand (the length and width of the hand and fingers) measures hand geometry. n
Background image of page 3
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page2 / 6

strict hiring practices employment agreements friendly and...

This preview shows document pages 2 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon bookmark
Ask a homework question - tutors are online