Managing User Account & Password Security Flashcards
When a user leaves the organization, what’s the best thing to do with their account?
Disable it until you know what should happen to it as you may want to re-use it again for another employee
What should be set on a temporary employee’s account as part of good management?
Set the account to expire on their last expected day of work
Admin, Analyst, Root and Wizard are example of what not to use for which type of username?
The Maintenance/Admin Account
What’s the recommended length of a good password?
Between 8 and 15 characters long
Name 5 password management methods
1) Automatic Account Lockouts
2) Password Expiration
3) Password History exclusion
4) Min password length
5) Complex multi-character passwords
Why is it recommended that a network admin should unlock any locked out accounts instead of the operating system doing it automatically?
So they can be sure to know about any possible security breaches.
It’s ok to use the default password expiry length on your network operating syste. TRUE or FALSE?
FALSE - these defaults are usually known by hackers so change it in accordance with your security policy.
What does single sign on use to allow users to access multiple resources with the same password?
an access token
Where is the local user database located and what is ti called?
In windows\system32\config. it is called the Security Accounts Manager
What 3 additional attributes other than the DN (Distinguished Name) and RDN ( Relative DN) does LDAP use to identify an entry in its database?
1) Common Name (CN)
2) Domain Component (DC)
3) Organizational Unit (OU)
What standard provides an entity with the credentials to prove its identity and associates that identity with a public key?
An X.509 certificate (it’s the standard that defines security certificates)
List the 3 Verisign digital certificate classes
1) for individuals and email. These get saved by browsers
2) For organizations
3) For servers and software signing in which independent checking is done by the Certificate Authority
List the 5 ways in which a user could identify themselves
Kill All People And Dogs
1) something they KNOW
2) something they ARE
3) something they POSSESS
4) somewhere they ARE
5) something they DO
