Authentication Discussion
Information Systems need strong security controls to ensure users and data are protected to meet the CIA Triad. The security requirements listed in FIPS 200 (Minimum Security Requirements for Federal Information and Information Systems) include Identification and Authentication. Systems users, processes/applications, and devices must be identified and verified prior to their access to organizational resources.
Authentication is the verification of credentials to confirm the user or other entity is valid. Verification of systems users and processes delegated by users is essential as well as limiting functions and actions a user is permitted to perform within the system. Research best practices and approaches to properly authenticate a user for access to a system resource. Select at least two specific techniques(e.g. password authentication, two factor authentication, biometrics,…) and describe the technique along with the strengths and limitations. Respond to other student posts providing additional insights, feedback and/or examples as applicable.
2. Second Discussion board:
Access Control and Authorization Discussion
Describe access control mechanisms in place to protect files on an enterprise system. Specifically, drill down to permissions associated with read, write, modify, delete, or change ownership as applicable. Consider how roles and groups may enhance the administration and enforcement of access control policies.
Recent Comments