CISSP® Official Study Guide, Eighth Edition


(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Control electronic access to files.
Tightly control and monitor electronic access to all important data, including files containing passwords. End users and those who are not account administrators have no need to access a password database file for daily work tasks. Security professionals should investigate any unauthorized access to password database files immediately.
Create a strong password policy.
A password policy programmatically enforces the use of strong passwords and ensures that users regularly change their passwords. Attackers require more time to crack a longer password using multiple character types. Given enough time, attackers can discover any password in an offline brute-force attack, so changing passwords regularly is required to maintain security. More secure or sensitive environments require even stronger passwords, and require users to change their passwords more frequently. Many organizations implement separate password policies for privileged accounts such as administrator accounts to ensure that they have stronger passwords and that administrators change the passwords more frequently than regular users.
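The paragraph above describes policy requirements in words; the following is an added example (not code from the study guide) of how such a policy can be enforced programmatically, including the stricter separate policy for privileged accounts it mentions. The policy values (12 and 16 characters, 3 and 4 character classes, 90 and 30 days) and the account names are assumptions chosen for illustration, not figures from the book.

```python
import re
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class PasswordPolicy:
    """Minimum requirements a password must meet and how long it may be used."""
    min_length: int
    min_char_classes: int  # of: lowercase, uppercase, digit, symbol
    max_age_days: int


# Assumed policy values for illustration; the privileged policy is deliberately
# stricter, as the text recommends for administrator accounts.
STANDARD_POLICY = PasswordPolicy(min_length=12, min_char_classes=3, max_age_days=90)
PRIVILEGED_POLICY = PasswordPolicy(min_length=16, min_char_classes=4, max_age_days=30)

# Constructed list of privileged account names (hypothetical).
PRIVILEGED_ACCOUNTS = frozenset({"administrator", "root", "dba-admin"})


def policy_for(account: str) -> PasswordPolicy:
    """Select the policy that applies to an account based on its privilege level."""
    return PRIVILEGED_POLICY if account in PRIVILEGED_ACCOUNTS else STANDARD_POLICY


def character_classes(password: str) -> int:
    """Count how many of the four character classes the password uses."""
    checks = (
        lambda c: c.islower(),
        lambda c: c.isupper(),
        lambda c: c.isdigit(),
        lambda c: not c.isalnum(),  # anything else counts as a symbol
    )
    return sum(1 for check in checks if any(check(c) for c in password))


def check_password(password: str, policy: PasswordPolicy) -> list:
    """Return a list of policy violations; an empty list means the password complies."""
    problems = []
    if len(password) < policy.min_length:
        problems.append(f"shorter than {policy.min_length} characters")
    if character_classes(password) < policy.min_char_classes:
        problems.append(f"fewer than {policy.min_char_classes} character classes")
    return problems


def password_expired(last_changed: date, policy: PasswordPolicy, today: date) -> bool:
    """True when the password is older than the policy's maximum age."""
    return today - last_changed > timedelta(days=policy.max_age_days)


if __name__ == "__main__":
    # Constructed sample accounts: (name, candidate password, date last changed).
    samples = [
        ("jsmith", "correct horse battery staple", date(2024, 3, 15)),
        ("administrator", "Xk9#mP2$qL7!vR4w", date(2024, 1, 1)),
    ]
    for name, pw, changed in samples:
        pol = policy_for(name)
        print(name, check_password(pw, pol), "expired:" ,
              password_expired(changed, pol, date(2024, 4, 1)))
```

The length and character-class checks enforce the "longer password using multiple character types" requirement, while `password_expired` implements the regular-change rule; keeping the policy as data rather than scattered constants makes it easy to apply a stricter set to privileged accounts.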
Hash and salt passwords.
Use password-hashing algorithms such as bcrypt and PBKDF2 to salt passwords, and consider using an external pepper to further protect passwords. Combined with the use of strong passwords, salted and peppered passwords are extremely difficult to crack using rainbow tables or other methods.
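As an added example (not code from the study guide), the block below shows salting with PBKDF2 plus an external pepper using only Python's standard library. The pepper value, the iteration count and the record format are assumptions for illustration; in a real deployment the pepper would be loaded from a secret store separate from the password database so that a stolen database alone is not enough to run an offline attack.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed pepper for illustration only. It must NOT live in the password
# database; keep it in a KMS, HSM or environment secret so that the database
# and the pepper are unlikely to be stolen together.
PEPPER = b"constructed-example-pepper-do-not-reuse"
ITERATIONS = 600_000   # assumed work factor; raise it as hardware gets faster
SALT_BYTES = 16
ALGORITHM = "pbkdf2_sha256"


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is generated when none is supplied."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    # Apply the pepper first with HMAC so it never appears in the stored record.
    peppered = hmac.new(PEPPER, password.encode("utf-8"), hashlib.sha256).digest()
    # PBKDF2 stretches the peppered password with the per-user salt.
    digest = hashlib.pbkdf2_hmac("sha256", peppered, salt, ITERATIONS)
    return salt, digest


def make_record(password: str) -> str:
    """Produce the string that would be stored in the password database."""
    salt, digest = hash_password(password)
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def check_record(password: str, record: str) -> bool:
    """Verify a candidate password against a stored record in constant time."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False
    if algorithm != ALGORITHM:
        return False
    peppered = hmac.new(PEPPER, password.encode("utf-8"), hashlib.sha256).digest()
    digest = hashlib.pbkdf2_hmac("sha256", peppered, bytes.fromhex(salt_hex), int(iterations))
    # compare_digest avoids leaking how many leading bytes matched.
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    stored = make_record("correct horse battery staple")  # constructed sample
    print(stored)
    print(check_record("correct horse battery staple", stored))  # True
    print(check_record("wrong password", stored))                # False
```

Two users who pick the same password get different records because each gets its own random salt, which is what defeats precomputed rainbow tables; the pepper adds a secret the attacker must also obtain before any offline guessing can begin.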
Use password masking.
Ensure that applications never display passwords in clear text on any screen. Instead, mask the display of the password by displaying an alternate character such as an asterisk (*). This reduces shoulder surfing attempts, but users should be aware that an attacker might be able to learn the password by watching the user type the keys on the keyboard.
