Please read the following article written by KLC Consulting and compare these policies to the policies you have at work now, or have had in the past. Explain why password policies are good and how they can be manipulated. If a business has a strict account and password management policy in place, does that make it safe? Why or why not? Find an article online that reported a network or data security breach: how did it impact the company?
KLC Consulting, Inc.
IS / IT Security Services
Here are some recommendations on your user account and password management. Keep in mind that your security policies depend strictly on your business requirements! Security and performance move inversely - the higher the security measures, the lower the performance and efficiency.
Rename the default administrator account "Administrator" to something harder to guess. This prevents people from guessing the name of your administrator account. Make sure you remember the new administrator account name and password: you will need to log in as the local administrator to make any changes to the computer configuration or to install hardware and software. After you have renamed the administrator account, you should no longer see an account named "Administrator".
Next, create a decoy account. Create a new user called "Administrator" and make sure it does NOT belong to any groups. In other words, when you click on the "Member of" tab in the user properties in the User Management window, you should not see any groups listed. If you do, remove them. This makes sure the decoy account named "Administrator" has no access to the server.
If you have auditing for logon/logoff events turned on, you will be able to detect any logon/logoff activity by the decoy "Administrator" account. You can detect this activity by using Event Viewer to check the Security log. This gives you some indication of hacking activity.
Make sure the passwords for the administrator and regular user accounts are changed every 30 to 90 days to increase server security.
Password policies on Windows 2000 should be changed from the default settings. Here are the default password policy settings:

  Enforce password history: 1 password remembered
  Maximum password age: 42 days
  Minimum password age: 0 days
  Minimum password length: 0 characters
  Passwords must meet complexity requirements: Disabled
  Store password using reversible encryption for all users in the domain: Disabled
Here are the default account lockout policy settings:

  Account lockout duration: Not defined
  Account lockout threshold: 0 invalid logon attempts
  Reset account lockout counter after: Not defined
Here are some suggested settings for the password policy. For each policy the reference values, the recommended value and the reason are listed (MS = Microsoft, NSA = National Security Agency, NIST = National Institute of Standards and Technology).

Enforce password history
  Recommended value: 12 passwords remembered
  Reason: Users cannot re-use passwords from the past 3 years.

Maximum password age
  Reference values: MS 42, NSA 42, SANS 45-90, NIST 90
  Recommended value: 90 days
  Reason: Users must change passwords within 90 days. Usually between 30 and 90 days; the system administrator can decide on a reasonable value.

Minimum password age
  Reference values: MS 2, NSA 2, SANS 1-5, NIST 1
  Recommended value: 1 day
  Reason: A user cannot reset the password again within 1 day. This will prevent intruders from constantly trying different passwords.

Minimum password length
  Reference values: MS 8, NSA 12, SANS 8, NIST 8
  Recommended value: 8 characters
  Reason: Usually between 6 and 12 characters; 6 to 8 characters is the more common length.

Passwords must meet complexity requirements
  Recommended value: Disabled (you decide)
  Reason: If enabled with the default passfilt.dll:
    - Passwords must be at least six characters long.
    - Passwords can't contain the user name. For example, if a user's account is "bobm", he can't set his password to bobm or bobxxx.
    - Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers, and symbols (+, =, _, *, &, ...).

Store password using reversible encryption for all users in the domain
  Recommended value: Disabled (you decide)
  Reason: Usually not set. Learn more from the Microsoft link below.
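The passfilt.dll rules above can be written down as a small checker, which is useful for testing a proposed password policy before rolling it out. The following is an added example (my code, not KLC's and not Microsoft's filter); `name_fragments`, `check_complexity` and `is_acceptable` are my own names. One assumption is labelled in the code: the article's "bobxxx" example shows that fragments of the account name are rejected, not only the whole name, and I use three consecutive characters as the fragment size, which is the threshold the Windows filter applies to parts of the user's name.

```python
import re


def name_fragments(account_name, min_len=3):
    """Every run of `min_len` or more consecutive characters of the account name.
    Assumption: the article's 'bobxxx' example means pieces of the name are
    rejected, not just the whole name; three consecutive characters is the size
    the Windows filter uses for name parts, so that is the default here."""
    name = account_name.lower()
    frags = set()
    if name:
        frags.add(name)
    for i in range(len(name)):
        for j in range(i + min_len, len(name) + 1):
            frags.add(name[i:j])
    return frags


def check_complexity(password, account_name):
    """Return the list of violated passfilt.dll rules (empty list = password passes).
    The three rules are the ones the article lists for the default filter."""
    problems = []
    if len(password) < 6:
        problems.append("shorter than 6 characters")
    lowered = password.lower()
    if any(frag in lowered for frag in name_fragments(account_name)):
        problems.append("contains part of the user name")
    classes = [
        re.search(r"[a-z]", password) is not None,        # lowercase letters
        re.search(r"[A-Z]", password) is not None,        # uppercase letters
        re.search(r"[0-9]", password) is not None,        # numbers
        re.search(r"[^A-Za-z0-9]", password) is not None,  # symbols
    ]
    if sum(classes) < 3:
        problems.append("uses fewer than 3 of the 4 character types")
    return problems


def is_acceptable(password, account_name, min_length=8):
    """Combine the filter with the separately configured minimum password length
    (the article recommends 8): both policies have to pass."""
    return len(password) >= min_length and not check_complexity(password, account_name)
```

With the account "bobm", "bobxxx" is rejected because it contains the fragment "bob" and only uses one character type, while a password such as "Tr0ub4dor&" passes the filter; "Ab1!xy" passes the filter but still fails the 8-character minimum length.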
Here are some suggested settings for the account lockout policy:

Account lockout duration
  Reference values: MS 0 (indefinite), NSA 15, SANS 240, NIST 15
  Recommended value: 15 minutes
  Reason: You must weigh the system administration cost to justify this value. You can set it to 30 minutes so that lockouts are removed automatically; however, most legitimate users will call you anyway when they get locked out. Note: a value of "0" means lock out indefinitely. 99999 minutes is the maximum allowed for this policy.

Account lockout threshold
  Reference values: MS 5, NSA 3, SANS 5, NIST 3
  Recommended value: 3 invalid logon attempts
  Reason: Legitimate users should not need more than 3 tries to get the password right. If they do, the account gets locked out and the system administrator can investigate the reason for the lockout. If many legitimate users are getting locked out, then either this value needs to be adjusted, or someone may be trying to guess passwords to get into the network. 3 attempts is a common value for this policy.

Reset account lockout counter after
  Reference values: MS 30, NSA 15, SANS 240, NIST 15
  Recommended value: 15-30 minutes
  Reason: The time that must elapse before the counter of bad password attempts is reset. 15 to 30 minutes is usually sufficient. After this time the counter resets to 0. For example, if this value is set to 15 minutes and a user tried 2 bad passwords when logging on at 12:00PM, Windows 2000 keeps a counter recording 2 bad attempts; at 12:16PM the counter is reset to 0.
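The three lockout settings only make sense together, so here is an added example (my code, not from the article) that models how the threshold, the lockout duration and the reset-counter window interact, using the recommended values and the article's 12:00PM/12:16PM scenario. `LockoutPolicy` and `LockoutTracker` are my own names; the model also lets a successful logon clear the bad-attempt counter, which is how I understand Windows to behave and is marked as an assumption in the code.

```python
from datetime import datetime, timedelta


class LockoutPolicy:
    """Account lockout values from the article's recommendations: 3 attempts,
    15-minute reset window, 15-minute lockout. A duration of 0 means the
    account stays locked until an administrator clears it, as the article notes."""

    def __init__(self, threshold=3, reset_after=timedelta(minutes=15),
                 lockout_duration=timedelta(minutes=15)):
        self.threshold = threshold
        self.reset_after = reset_after
        self.lockout_duration = lockout_duration


class LockoutTracker:
    def __init__(self, policy):
        self.policy = policy
        self._failures = {}   # account -> (bad attempts, time of the last bad attempt)
        self._locked_at = {}  # account -> time the lockout began

    def bad_attempts(self, account, now):
        """Current counter value, applying the 'reset counter after' rule:
        once the window has elapsed since the last bad attempt, the count is 0."""
        count, last = self._failures.get(account, (0, None))
        if last is not None and now - last >= self.policy.reset_after:
            self._failures.pop(account, None)
            return 0
        return count

    def is_locked(self, account, now):
        started = self._locked_at.get(account)
        if started is None:
            return False
        if self.policy.lockout_duration == timedelta(0):
            return True  # indefinite lockout: only an administrator can clear it
        if now - started >= self.policy.lockout_duration:
            self._locked_at.pop(account, None)
            self._failures.pop(account, None)
            return False
        return True

    def record_failure(self, account, now):
        """Register one bad password; return True if the account is (now) locked."""
        if self.is_locked(account, now):
            return True
        count = self.bad_attempts(account, now) + 1
        self._failures[account] = (count, now)
        # A threshold of 0 (the Windows 2000 default) means accounts never lock.
        if self.policy.threshold and count >= self.policy.threshold:
            self._locked_at[account] = now
            return True
        return False

    def record_success(self, account, now):
        """Assumption: a successful logon clears the counter unless the account is
        locked, in which case the logon is refused and returns False."""
        if self.is_locked(account, now):
            return False
        self._failures.pop(account, None)
        return True


if __name__ == "__main__":
    tracker = LockoutTracker(LockoutPolicy())
    noon = datetime(2003, 4, 12, 12, 0)
    tracker.record_failure("bob", noon)
    tracker.record_failure("bob", noon)
    print("12:14 counter:", tracker.bad_attempts("bob", noon + timedelta(minutes=14)))
    print("12:16 counter:", tracker.bad_attempts("bob", noon + timedelta(minutes=16)))
```

Two bad attempts at 12:00PM leave the counter at 2 until the 15-minute window passes, after which it reads 0 again; three bad attempts inside the window lock the account, and with the recommended 15-minute duration the lock clears by itself afterwards, whereas with a duration of 0 it never does.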
For more information on these settings, see the Microsoft article "Creating User and Group Accounts".
4. Make sure users do NOT write down their passwords and post them on the computer monitor, keyboard, or under the desk. You may laugh, but if you check your users, you will be surprised at the number who do this. If they do need to write down their password for whatever reason, make sure it is stored in a secure location, i.e. a locked drawer.
5. Make sure users do NOT share passwords with other people.
6. Make sure users do NOT reveal passwords to anyone other than the system administrators and people delegated by the system administrators.
7. Enable logging for successful and failed logon/logoff events. This shows you the activity on your system.
8. If you are a system administrator for a business environment, make sure you set the local administrator account password on the desktop users' machines. Users should NOT know the password for the local administrator account.
If you are a home user, make sure you have a strong password for your "Administrator" accounts. Make sure "Administrator" accounts have NO BLANK PASSWORDS and NO EASY-TO-GUESS PASSWORDS. Many have discovered that several Trojans and worms tried to get into Windows 2000 systems with easy-to-guess passwords, e.g. the "Administrator" account with a BLANK password, the "Administrator" account with "Administrator" as the password, "admin" with "admin", "root" with "root", and so on... Be careful! Many people don't set strong passwords, which is like leaving the door to your house open at night while you are sleeping! Your password is your first line of defense.

For sample passwords that were included in some Trojans' password dictionaries, please refer to http://www.klcconsulting.net/mirc_virus_analysis.htm and http://www.klcconsulting.net/deloder_worm.htm.
This should be a good start for good password management and user account policies. Microsoft does provide some good security guidelines on Windows 2000, and you should definitely go over Microsoft's recommendations in more detail. Again, you can find more on account and group management from Microsoft at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/deploy/confeat/08w2kada.asp
Reference:
· Microsoft Security Best Practices on Windows 2000 servers - http://www.microsoft.com/technet/security/prodtech/windows/secwin2k/default.asp
· Microsoft Solution Guide for Securing Windows 2000 Server - download
· NSA Security Template - http://www.nsa.gov/snac/win2k/index.html
· NIST Security Template - http://csrc.nist.gov/itsec/guidance_W2Kpro.html

More Related Content

Similar to Please read the following article written by KLC Consulting, compare.docx

XP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applicationsXP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applicationsVlad Fedosov
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurityricharddxd
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsPortalGuard
 
University Security Policy and Usage Document
University Security Policy and Usage DocumentUniversity Security Policy and Usage Document
University Security Policy and Usage DocumentRyan Hughes
 
The Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughThe Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughnFront Security
 
Desktop and server securityse
Desktop and server securityseDesktop and server securityse
Desktop and server securityseAppin Ara
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?Thomas Burg
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...Greg Swedosh
 
I Forgot Your Password: Breaking Modern Password Recovery Systems
I Forgot Your Password: Breaking Modern Password Recovery SystemsI Forgot Your Password: Breaking Modern Password Recovery Systems
I Forgot Your Password: Breaking Modern Password Recovery SystemsPriyanka Aash
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001Miguel Ibarra
 

Similar to Please read the following article written by KLC Consulting, compare.docx (20)

Ch10 system administration
Ch10 system administration Ch10 system administration
Ch10 system administration
 
Ch10
Ch10Ch10
Ch10
 
XP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applicationsXP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applications
 
Userpasswrd
UserpasswrdUserpasswrd
Userpasswrd
 
8 passwordsecurity
8 passwordsecurity8 passwordsecurity
8 passwordsecurity
 
Securing Windows web servers
Securing Windows web serversSecuring Windows web servers
Securing Windows web servers
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple Passwords
 
sun solaris
sun solarissun solaris
sun solaris
 
WordPress Security Guide
WordPress Security GuideWordPress Security Guide
WordPress Security Guide
 
University Security Policy and Usage Document
University Security Policy and Usage DocumentUniversity Security Policy and Usage Document
University Security Policy and Usage Document
 
The Windows Password Policy is Not Enough
The Windows Password Policy is Not EnoughThe Windows Password Policy is Not Enough
The Windows Password Policy is Not Enough
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
 
Desktop and server securityse
Desktop and server securityseDesktop and server securityse
Desktop and server securityse
 
Desktop and Server Security
Desktop and Server SecurityDesktop and Server Security
Desktop and Server Security
 
You may be compliant, but are you really secure?
You may be compliant, but are you really secure?You may be compliant, but are you really secure?
You may be compliant, but are you really secure?
 
You may be compliant...
You may be compliant...You may be compliant...
You may be compliant...
 
I Forgot Your Password: Breaking Modern Password Recovery Systems
I Forgot Your Password: Breaking Modern Password Recovery SystemsI Forgot Your Password: Breaking Modern Password Recovery Systems
I Forgot Your Password: Breaking Modern Password Recovery Systems
 
3_Network Policies_MDR.pdf
3_Network Policies_MDR.pdf3_Network Policies_MDR.pdf
3_Network Policies_MDR.pdf
 
Protect Your Business With Web Security
Protect Your Business With Web SecurityProtect Your Business With Web Security
Protect Your Business With Web Security
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001
 

More from DIPESH30

please write a short essay to address the following questions. Lengt.docx
please write a short essay to address the following questions. Lengt.docxplease write a short essay to address the following questions. Lengt.docx
please write a short essay to address the following questions. Lengt.docxDIPESH30
 
please write a diary entry from the perspective of a French Revoluti.docx
please write a diary entry from the perspective of a French Revoluti.docxplease write a diary entry from the perspective of a French Revoluti.docx
please write a diary entry from the perspective of a French Revoluti.docxDIPESH30
 
Please write the definition for these words and provide .docx
Please write the definition for these words and provide .docxPlease write the definition for these words and provide .docx
Please write the definition for these words and provide .docxDIPESH30
 
Please view the filmThomas A. Edison Father of Invention, A .docx
Please view the filmThomas A. Edison Father of Invention, A .docxPlease view the filmThomas A. Edison Father of Invention, A .docx
Please view the filmThomas A. Edison Father of Invention, A .docxDIPESH30
 
Please watch the clip from the movie The Break Up.  Then reflect w.docx
Please watch the clip from the movie The Break Up.  Then reflect w.docxPlease watch the clip from the movie The Break Up.  Then reflect w.docx
Please watch the clip from the movie The Break Up.  Then reflect w.docxDIPESH30
 
please write a report on Social Media and ERP SystemReport should.docx
please write a report on Social Media and ERP SystemReport should.docxplease write a report on Social Media and ERP SystemReport should.docx
please write a report on Social Media and ERP SystemReport should.docxDIPESH30
 
Please write 200 wordsHow has the healthcare delivery system chang.docx
Please write 200 wordsHow has the healthcare delivery system chang.docxPlease write 200 wordsHow has the healthcare delivery system chang.docx
Please write 200 wordsHow has the healthcare delivery system chang.docxDIPESH30
 
Please view the documentary on Typhoid Mary at httpswww..docx
Please view the documentary on Typhoid Mary at httpswww..docxPlease view the documentary on Typhoid Mary at httpswww..docx
Please view the documentary on Typhoid Mary at httpswww..docxDIPESH30
 
Please use the two attachments posted to complete work.  Detailed in.docx
Please use the two attachments posted to complete work.  Detailed in.docxPlease use the two attachments posted to complete work.  Detailed in.docx
Please use the two attachments posted to complete work.  Detailed in.docxDIPESH30
 
Please use the sources in the outline (see photos)The research.docx
Please use the sources in the outline (see photos)The research.docxPlease use the sources in the outline (see photos)The research.docx
Please use the sources in the outline (see photos)The research.docxDIPESH30
 
Please submit a minimum of five (5) detailed and discussion-provokin.docx
Please submit a minimum of five (5) detailed and discussion-provokin.docxPlease submit a minimum of five (5) detailed and discussion-provokin.docx
Please submit a minimum of five (5) detailed and discussion-provokin.docxDIPESH30
 
Please think about the various learning activities you engaged in du.docx
Please think about the various learning activities you engaged in du.docxPlease think about the various learning activities you engaged in du.docx
Please think about the various learning activities you engaged in du.docxDIPESH30
 
Please type out the question and answer it underneath. Each question.docx
Please type out the question and answer it underneath. Each question.docxPlease type out the question and answer it underneath. Each question.docx
Please type out the question and answer it underneath. Each question.docxDIPESH30
 
Please use the following technique-Outline the legal issues t.docx
Please use the following technique-Outline the legal issues t.docxPlease use the following technique-Outline the legal issues t.docx
Please use the following technique-Outline the legal issues t.docxDIPESH30
 
Please use from these stratagies This homework will be to copyies .docx
Please use from these stratagies This homework will be to copyies .docxPlease use from these stratagies This homework will be to copyies .docx
Please use from these stratagies This homework will be to copyies .docxDIPESH30
 
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docx
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docxPLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docx
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docxDIPESH30
 
Please share your thoughts about how well your employer, military .docx
Please share your thoughts about how well your employer, military .docxPlease share your thoughts about how well your employer, military .docx
Please share your thoughts about how well your employer, military .docxDIPESH30
 
Please select and answer one of the following topics in a well-org.docx
Please select and answer one of the following topics in a well-org.docxPlease select and answer one of the following topics in a well-org.docx
Please select and answer one of the following topics in a well-org.docxDIPESH30
 
Please see the attachment for the actual work that is require.  This.docx
Please see the attachment for the actual work that is require.  This.docxPlease see the attachment for the actual work that is require.  This.docx
Please see the attachment for the actual work that is require.  This.docxDIPESH30
 
Please see the attachment and look over the LOOK HERE FIRST file b.docx
Please see the attachment and look over the LOOK HERE FIRST file b.docxPlease see the attachment and look over the LOOK HERE FIRST file b.docx
Please see the attachment and look over the LOOK HERE FIRST file b.docxDIPESH30
 

More from DIPESH30 (20)

please write a short essay to address the following questions. Lengt.docx
please write a short essay to address the following questions. Lengt.docxplease write a short essay to address the following questions. Lengt.docx
please write a short essay to address the following questions. Lengt.docx
 
please write a diary entry from the perspective of a French Revoluti.docx
please write a diary entry from the perspective of a French Revoluti.docxplease write a diary entry from the perspective of a French Revoluti.docx
please write a diary entry from the perspective of a French Revoluti.docx
 
Please write the definition for these words and provide .docx
Please write the definition for these words and provide .docxPlease write the definition for these words and provide .docx
Please write the definition for these words and provide .docx
 
Please view the filmThomas A. Edison Father of Invention, A .docx
Please view the filmThomas A. Edison Father of Invention, A .docxPlease view the filmThomas A. Edison Father of Invention, A .docx
Please view the filmThomas A. Edison Father of Invention, A .docx
 
Please watch the clip from the movie The Break Up.  Then reflect w.docx
Please watch the clip from the movie The Break Up.  Then reflect w.docxPlease watch the clip from the movie The Break Up.  Then reflect w.docx
Please watch the clip from the movie The Break Up.  Then reflect w.docx
 
please write a report on Social Media and ERP SystemReport should.docx
please write a report on Social Media and ERP SystemReport should.docxplease write a report on Social Media and ERP SystemReport should.docx
please write a report on Social Media and ERP SystemReport should.docx
 
Please write 200 wordsHow has the healthcare delivery system chang.docx
Please write 200 wordsHow has the healthcare delivery system chang.docxPlease write 200 wordsHow has the healthcare delivery system chang.docx
Please write 200 wordsHow has the healthcare delivery system chang.docx
 
Please view the documentary on Typhoid Mary at httpswww..docx
Please view the documentary on Typhoid Mary at httpswww..docxPlease view the documentary on Typhoid Mary at httpswww..docx
Please view the documentary on Typhoid Mary at httpswww..docx
 
Please use the two attachments posted to complete work.  Detailed in.docx
Please use the two attachments posted to complete work.  Detailed in.docxPlease use the two attachments posted to complete work.  Detailed in.docx
Please use the two attachments posted to complete work.  Detailed in.docx
 
Please use the sources in the outline (see photos)The research.docx
Please use the sources in the outline (see photos)The research.docxPlease use the sources in the outline (see photos)The research.docx
Please use the sources in the outline (see photos)The research.docx
 
Please submit a minimum of five (5) detailed and discussion-provokin.docx
Please submit a minimum of five (5) detailed and discussion-provokin.docxPlease submit a minimum of five (5) detailed and discussion-provokin.docx
Please submit a minimum of five (5) detailed and discussion-provokin.docx
 
Please think about the various learning activities you engaged in du.docx
Please think about the various learning activities you engaged in du.docxPlease think about the various learning activities you engaged in du.docx
Please think about the various learning activities you engaged in du.docx
 
Please type out the question and answer it underneath. Each question.docx
Please type out the question and answer it underneath. Each question.docxPlease type out the question and answer it underneath. Each question.docx
Please type out the question and answer it underneath. Each question.docx
 
Please use the following technique-Outline the legal issues t.docx
Please use the following technique-Outline the legal issues t.docxPlease use the following technique-Outline the legal issues t.docx
Please use the following technique-Outline the legal issues t.docx
 
Please use from these stratagies This homework will be to copyies .docx
Please use from these stratagies This homework will be to copyies .docxPlease use from these stratagies This homework will be to copyies .docx
Please use from these stratagies This homework will be to copyies .docx
 
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docx
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docxPLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docx
PLEASE THOROUGHLY ANSWER THE FOLLOWING FIVE QUESTIONS BELOW IN.docx
 
Please share your thoughts about how well your employer, military .docx
Please share your thoughts about how well your employer, military .docxPlease share your thoughts about how well your employer, military .docx
Please share your thoughts about how well your employer, military .docx
 
Please select and answer one of the following topics in a well-org.docx
Please select and answer one of the following topics in a well-org.docxPlease select and answer one of the following topics in a well-org.docx
Please select and answer one of the following topics in a well-org.docx
 
Please see the attachment for the actual work that is require.  This.docx
Please see the attachment for the actual work that is require.  This.docxPlease see the attachment for the actual work that is require.  This.docx
Please see the attachment for the actual work that is require.  This.docx
 
Please see the attachment and look over the LOOK HERE FIRST file b.docx
Please see the attachment and look over the LOOK HERE FIRST file b.docxPlease see the attachment and look over the LOOK HERE FIRST file b.docx
Please see the attachment and look over the LOOK HERE FIRST file b.docx
 

Recently uploaded

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Romantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxRomantic Opera MUSIC FOR GRADE NINE pptx
Romantic Opera MUSIC FOR GRADE NINE pptxsqpmdrvczh
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance  and worth of ideas part 2.pptxJudging the Relevance  and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 

Recently uploaded (20)

Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx

Please read the following article written by KLC Consulting, compare.docx

Please read the following article written by KLC Consulting, and compare these policies to the policies you have at work now, or have had in the past. Explain why password policies are good and how they can be manipulated. If a business has a strict account and management policy in place, does that make it safe? Why or why not? Find an article online that reported a network or data security breach; how did it impact the company?

KLC Consulting, Inc.
IS / IT Security Services

Here are some recommendations on your user account and password management. Keep in mind that your security policies depend strictly on your business requirements! Security and performance move inversely: the higher the security measures, the lower the performance and efficiency.

Rename the default administrator account "Administrator" to something harder to guess. This will prevent people from guessing your administrator account name. Make sure you remember the new administrator account name and password: you will need to log in as the local administrator to make any changes to the computer configuration or to install hardware and software. After you have renamed the administrator account, you should no longer see an account named "Administrator".

Next, create a decoy account. Create a new user called "Administrator" and make sure it does NOT belong to any groups. In other words, when you click the "Member of" tab in the user's properties in the User Management window, you should not see any groups listed. If you do, remove them. This ensures that the decoy account named "Administrator" has no access to the server.

If you have auditing for logon/logoff turned on, you will be able to detect any logon/logoff activity by the decoy "Administrator" account. You can check for this activity by using Event Viewer to view the Security log. This will give you some indication of hacking activity.
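The decoy-account check described above, worked through as an added example (this code is not from the KLC article): since nobody legitimately uses the decoy "Administrator" account, any logon or logoff event that names it is a signal. The `SecurityEvent` field names and the sample records are constructed for this example; the classic Windows 2000/2003 Security log event IDs (528, 529, 538, 540) are real, while newer Windows versions report the same activity as 4624/4625/4634.

```python
from collections import Counter
from dataclasses import dataclass

# Classic (Windows 2000/2003) Security log event IDs for logon activity.
# Newer Windows versions use 4624/4625/4634 for the same events.
LOGON_SUCCESS = 528          # successful interactive logon
NETWORK_LOGON_SUCCESS = 540  # successful network logon
LOGOFF = 538                 # user logoff
LOGON_FAILURE = 529          # unknown user name or bad password
SUCCESS_IDS = {LOGON_SUCCESS, NETWORK_LOGON_SUCCESS}
LOGON_IDS = SUCCESS_IDS | {LOGOFF, LOGON_FAILURE}


@dataclass(frozen=True)
class SecurityEvent:
    """One Security log record, reduced to the fields the check needs.
    Field names are this example's own; Event Viewer shows them as
    Time, Event ID, User Name and Workstation Name / Source Address."""
    time: str
    event_id: int
    user: str
    source: str


# Constructed sample log (not real data): one ordinary user, one remote
# host working on the decoy account, and one user who mistyped once.
SAMPLE_LOG = [
    SecurityEvent("12:00:01", 528, "jsmith", "WS-101"),
    SecurityEvent("12:03:45", 529, "Administrator", "10.0.0.77"),
    SecurityEvent("12:03:47", 529, "Administrator", "10.0.0.77"),
    SecurityEvent("12:03:49", 529, "Administrator", "10.0.0.77"),
    SecurityEvent("12:04:02", 540, "Administrator", "10.0.0.77"),
    SecurityEvent("12:04:30", 538, "Administrator", "10.0.0.77"),
    SecurityEvent("12:10:10", 529, "bobm", "WS-102"),
    SecurityEvent("12:10:30", 528, "bobm", "WS-102"),
]


def decoy_activity(events, decoy="Administrator"):
    """Every logon/logoff event that names the decoy account.

    Nobody should ever use the decoy, so the legitimate count is zero and
    each hit is worth a look."""
    return [e for e in events
            if e.event_id in LOGON_IDS and e.user.lower() == decoy.lower()]


def decoy_report(events, decoy="Administrator"):
    """Summarise decoy activity: attempts per source plus a severity flag.

    A successful logon to the decoy means its password was guessed; the
    account has no group memberships, but the password was clearly weak."""
    hits = decoy_activity(events, decoy)
    per_source = Counter(e.source for e in hits)
    succeeded = any(e.event_id in SUCCESS_IDS for e in hits)
    return {
        "total": len(hits),
        "failed": sum(1 for e in hits if e.event_id == LOGON_FAILURE),
        "by_source": dict(per_source),
        "severity": "high" if succeeded else ("medium" if hits else "none"),
    }


if __name__ == "__main__":
    for record in decoy_activity(SAMPLE_LOG):
        print(record)
    print(decoy_report(SAMPLE_LOG))
```

Run against the constructed log, the report attributes all five decoy events to 10.0.0.77 and rates the case "high" because one of them is a successful network logon. The same function works on real exported Security log rows once they are mapped into `SecurityEvent`; the point is that the decoy account turns a noisy log into a zero-false-positive alert.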
Make sure the passwords for Administrator and regular user accounts are changed every 30 – 90 days to increase server security. The password policies on Windows 2000 should be changed from the default settings. Here are the default password policy settings:

Enforce password history: 1 passwords remembered
Maximum password age: 42 days
Minimum password age: 0 days
Minimum password length: 0 characters
Passwords must meet complexity requirements: Disabled
Store password using reversible encryption for all users in the domain: Disabled

Here are the default Account Lockout policy settings:

Account lockout duration: Not defined
Account lockout threshold: 0 invalid logon attempts
Reset account lockout counter after: Not defined

Here are some suggested settings for the password policy (MS = Microsoft, NSA = National Security Agency, NIST = National Institute of Standards and Technology):

Policy: Enforce password history
Rec. value: 12 passwords remembered
Reason: Users cannot re-use passwords from the past 3 years.

Policy: Maximum password age
Ref. values: MS: 42, NSA: 42, SANS: 45-90, NIST: 90
Rec. value: 90 days
Reason: Users must change passwords within 90 days. Usually between 30 – 90 days; the system administrator can decide a reasonable value.

Policy: Minimum password age
Ref. values: MS: 2, NSA: 2, SANS: 1-5, NIST: 1
Rec. value: 1 day
Reason: Users can't reset the password again within 1 day. This will prevent intruders from constantly trying different passwords.

Policy: Minimum password length
Ref. values: MS: 8, NSA: 12, SANS: 8, NIST: 8
Rec. value: 8 characters
Reason: Usually between 6 – 12 characters; 6-8 characters is a more common length.

Policy: Passwords must meet complexity requirements
Ref. value: Disabled
Rec. value: (You decide)
Reason: If set with the default passfilt.dll: passwords must be at least six characters long; passwords can't contain the user name (for example, if a user's account is "bobm", he can't set his password as bobm or bobxxx); and passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers, and symbols (+, =, _, *, &, …).

Policy: Store password using reversible encryption for all users in the domain
Ref. value: Disabled
Rec. value: (You decide)
Reason: Usually not set. Learn more from the Microsoft link below.

Here are some suggested settings for the account lockout policy:

Policy: Account lockout duration
Ref. values: MS: 0 (indefinite), NSA: 15, SANS: 240, NIST: 15
Rec. value: 15 minutes
Reason: You must pre-determine the system administration costs to justify this value. You can set it to 30 minutes to automatically remove the lockout for accounts; however, most legitimate users will call you anyway when they get locked out. Note: the value "0" means lock out indefinitely. 99999 minutes is the maximum value allowed for this policy.

Policy: Account lockout threshold
Ref. values: MS: 5, NSA: 3, SANS: 5, NIST: 3
Rec. value: 3 invalid logon attempts
Reason: Legitimate users should not have to try more than 3 times to get the right password. If they do, the account will get locked out, and the system administrator can investigate further to find the reason for the lockout. If many legitimate users are getting locked out, then either this value may need to be modified accordingly, or someone may be trying to guess passwords to get into the network. 3 attempts is a common value for this policy.

Policy: Reset account lockout counter after
Ref. values: MS: 30, NSA: 15, SANS: 240, NIST: 15
Rec. value: 15-30 minutes
Reason: The time required before resetting the counter for bad password attempts; 15 – 30 minutes is usually sufficient. After this time, the counter for bad password attempts resets to 0. For example, if this value is set to 15 minutes and a user tried 2 bad passwords when logging on to his account at 12:00 PM, Windows 2000 keeps a counter remembering that he has 2 bad password attempts. At 12:16 PM, this counter will be reset to 0.

For more information on these settings, you can find details on the Microsoft website: Creating User and Group Accounts.

4. Make sure users do NOT write down their passwords and post them on the computer monitor, keyboard, or under the desk. You may laugh, but if you check your users, you will be surprised at the number who do this. If they do need to write down their password for whatever reason, make sure it is stored in a secure location, i.e. a locked drawer.

5. Make sure users do NOT share passwords with other people.

6. Make sure users do NOT reveal passwords to anyone other than the system administrators and people delegated by the system administrators.

7. Enable logging for successful and failed logon/logoff events. This shows you the activity on your system.

8. If you are a system administrator in a business environment, make sure you set the local administrator account password for the desktop users. Users should NOT know the password for the local administrator account. If you are a home user, make sure you have a strong password for your "Administrator" accounts. Make sure "Administrator" accounts have NO BLANK PASSWORDS and NO EASY-TO-GUESS PASSWORDS. Several Trojans and worms have been found to try to get into Windows 2000 systems with easy-to-guess passwords, e.g. the "Administrator" account with a BLANK password, "Administrator" with "Administrator" as the password, "admin" with "admin", "root" with "root", and so on… Be careful! Many people don't set strong passwords, which is like leaving the door to your house open at night while you are sleeping! Your password is your first line of defense. For sample passwords that were included in some Trojans' password dictionaries, please refer to http://www.klcconsulting.net/mirc_virus_analysis.htm and http://www.klcconsulting.net/deloder_worm.htm .

This should be a good start for good password management and user account policies. Microsoft does provide some good security guidelines for Windows 2000, and you should definitely go over Microsoft's recommendations in more detail. Again, you can find more on account and group account management from Microsoft at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/deploy/confeat/08w2kada.asp

Reference:
· Microsoft Security Best Practices on Windows 2000 servers - http://www.microsoft.com/technet/security/prodtech/windows/secwin2k/default.asp
· Microsoft Solution Guide for Securing Windows 2000 Server - download
· NSA Security Template - http://www.nsa.gov/snac/win2k/index.html
· NIST Security Template -
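The recommended password policy values from the table above (12 passwords remembered, 90-day maximum age, 1-day minimum age, 8-character minimum length, passfilt.dll-style complexity), worked through as an added example that is not part of the KLC article. The `UserRecord` store, the salted PBKDF2 history digests and the reading of the "bobm / bobxxx" illustration as "no run of three or more consecutive account-name characters" are this example's own assumptions about how the rules are implemented.

```python
import hashlib
import hmac
import os
import string
from datetime import datetime, timedelta

# Recommended values from the policy table (reference values vary by source).
POLICY = {
    "history": 12,        # Enforce password history: 12 passwords remembered
    "max_age_days": 90,   # Maximum password age
    "min_age_days": 1,    # Minimum password age
    "min_length": 8,      # Minimum password length
    "complexity": True,   # Passwords must meet complexity requirements
}

# Low iteration count keeps the example quick; raise it for real use.
PBKDF2_ROUNDS = 10_000


def _digest(password, salt):
    """Salted PBKDF2 so remembered passwords are never stored in clear."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class UserRecord:
    """Assumed user store: account name, when the password was last set,
    and salted digests of the last POLICY["history"] passwords."""

    def __init__(self, username, password, set_at):
        self.username = username
        self.history = []      # newest first: (salt, digest)
        self.last_set = None
        self._remember(password, set_at)

    def _remember(self, password, when):
        salt = os.urandom(16)
        self.history.insert(0, (salt, _digest(password, salt)))
        del self.history[POLICY["history"]:]   # forget the oldest beyond N
        self.last_set = when

    def in_history(self, password):
        return any(hmac.compare_digest(_digest(password, salt), digest)
                   for salt, digest in self.history)


def _has_name_fragment(username, password, run=3):
    """Reject any run of `run` or more consecutive account-name characters;
    this is how the example reads the page's bobm / bobxxx illustration
    (an assumption about the exact passfilt.dll rule)."""
    u, p = username.lower(), password.lower()
    return any(u[i:i + run] in p for i in range(len(u) - run + 1))


def complexity_ok(username, password):
    """passfilt.dll-style rules as the page states them: at least six
    characters, no user-name fragment, at least 3 of 4 character classes."""
    if len(password) < 6 or _has_name_fragment(username, password):
        return False
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    return sum(classes) >= 3


def check_change(user, new_password, now):
    """List every policy rule the proposed change violates (empty == allowed)."""
    problems = []
    if now - user.last_set < timedelta(days=POLICY["min_age_days"]):
        problems.append("minimum password age not reached")
    if len(new_password) < POLICY["min_length"]:
        problems.append("shorter than minimum length")
    if POLICY["complexity"] and not complexity_ok(user.username, new_password):
        problems.append("fails complexity requirements")
    if user.in_history(new_password):
        problems.append("re-uses a remembered password")
    return problems


def change_password(user, new_password, now):
    """Apply the change if policy allows it; otherwise raise with the reasons."""
    problems = check_change(user, new_password, now)
    if problems:
        raise ValueError("; ".join(problems))
    user._remember(new_password, now)


def password_expired(user, now):
    """Maximum password age: the user must change the password once True."""
    return now - user.last_set > timedelta(days=POLICY["max_age_days"])


if __name__ == "__main__":
    t0 = datetime(2024, 1, 1)
    bob = UserRecord("bobm", "Winter!2023", t0)
    print(check_change(bob, "bobxxx12345", t0 + timedelta(days=2)))
    print(check_change(bob, "Spring!2024", t0 + timedelta(days=2)))
```

The minimum-age and history rules only work together: without the 1-day minimum age a user could cycle through 12 throwaway passwords in a minute and land back on the old one, which is why the table pairs "12 remembered" with "1 day" rather than treating either value alone as sufficient.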
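The account lockout mechanics from the lockout table, including the 12:00 PM / 12:16 PM counter-reset illustration, as an added example that is not part of the KLC article. It models the three settings with their recommended values (threshold 3, reset counter after 15 minutes, lockout duration 15 minutes), plus the "0 = lock out indefinitely" and "threshold 0 = never lock" defaults. The `AccountState` layout and the `LockoutTracker` class are this example's own assumptions about how an authenticating server keeps the counters.

```python
from datetime import datetime, timedelta


class LockoutPolicy:
    """The three lockout settings from the table, recommended values as
    defaults. duration=None models the "0 = lock out indefinitely" case."""

    def __init__(self, threshold=3, reset_after=timedelta(minutes=15),
                 duration=timedelta(minutes=15)):
        self.threshold = threshold      # Account lockout threshold (0 = never lock)
        self.reset_after = reset_after  # Reset account lockout counter after
        self.duration = duration        # Account lockout duration (None = indefinite)


class AccountState:
    """Per-account counters an authenticating server would keep (assumed layout)."""

    def __init__(self):
        self.bad_attempts = 0      # bad-password counter
        self.last_bad = None       # time of the most recent bad attempt
        self.locked_until = None   # None, a datetime, or datetime.max (indefinite)


class LockoutTracker:
    def __init__(self, policy):
        self.policy = policy
        self.accounts = {}

    def _state(self, user):
        return self.accounts.setdefault(user.lower(), AccountState())

    def _refresh(self, st, now):
        """Expire a finished lockout, and reset the counter once reset_after
        has passed since the last bad attempt (the 12:00 / 12:16 example)."""
        if st.locked_until is not None and now >= st.locked_until:
            st.locked_until = None
            st.bad_attempts = 0
        if st.last_bad is not None and now - st.last_bad >= self.policy.reset_after:
            st.bad_attempts = 0

    def is_locked(self, user, now):
        st = self._state(user)
        self._refresh(st, now)
        return st.locked_until is not None

    def bad_attempts(self, user, now):
        st = self._state(user)
        self._refresh(st, now)
        return st.bad_attempts

    def attempt(self, user, password_ok, now):
        """Process one logon attempt; returns "ok", "bad_password" or "locked"."""
        st = self._state(user)
        self._refresh(st, now)
        if st.locked_until is not None:
            return "locked"            # even a correct password is refused
        if password_ok:
            st.bad_attempts = 0
            return "ok"
        st.bad_attempts += 1
        st.last_bad = now
        if self.policy.threshold and st.bad_attempts >= self.policy.threshold:
            st.locked_until = (datetime.max if self.policy.duration is None
                               else now + self.policy.duration)
            return "locked"
        return "bad_password"


if __name__ == "__main__":
    tracker = LockoutTracker(LockoutPolicy())
    noon = datetime(2024, 1, 1, 12, 0)
    tracker.attempt("bobm", False, noon)
    tracker.attempt("bobm", False, noon)
    print(tracker.bad_attempts("bobm", noon + timedelta(minutes=14)))  # still 2
    print(tracker.bad_attempts("bobm", noon + timedelta(minutes=16)))  # reset to 0
```

With the Windows default threshold of 0 the `attempt` loop never locks, which is the weakness the table's "3 invalid logon attempts" is meant to close; with the recommended 15-minute duration a locked account frees itself without an administrator call, which is the cost trade-off the "Account lockout duration" reason describes.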