1

Air Force Association (AFA)

Cyber Security ProgramMODULE TWOAccess Control

2

1. Access Control

2. Four Steps to Access

3. How Does it Work?

4. User and Guest Accounts

5. Administrator Accounts

6. Threat Table

7. What Can You Do?

AGENDA

3

Access controls are security features that control how people and systems communicate and interact with other systems and resources. They protect the systems and resources from unauthorized access and can also participate in determining the level of authorization after an authentication procedure has successfully completed.

Protected data will:

1. Be Available when it is needed

2. Have Integrity (accurate, complete and protected from unauthorized modification)

3. Be Confidential ( not disclosed to unauthorized individuals, programs or processes)

Access Control

4

WHO ARE YOUIDENTIFICATION – User ID or Account Number

PROVE IT AUTHENTICATION – Password, Smart Card, Fingerprint • 2 of these three assures a Strong or 2-Factor Authentication:

• Something a person knows: Password or combination, keypad # or pin #

• Something a person has: Swipe card, key, access card, badge• Something a person is: Biometrics (fingerprint, iris scan…)

I KNOW WHO YOU ARE -- NOW WHAT WILL I LET YOU DOAUTHORIZATION – List of criteria to determine what

you are allowed to do

I’M WATCHING YOUACCOUNTING – Audit logs and tracking

Four Steps to Access

Iris Scanner

5

NEW STUDENT , NEW BANK ACCT

Online accounts can’t see photo IDs

When you need Access To Systems, Servers, Applications you will need:SYSTEM ADMINISTRATORS: Admin can set up and manage accounts for a small number of people but large organizations require automated services.SPML: Service Provisioning Markup Language manages large #s of accountsSets up new account, configures access rights and manages accountTo Authenticate Identity many use alternative data sources for identity checking. The traditional fields of SSN and DOB are common elements that a fraudsters can easily find out about their victim. Now they ask for data items the the fraudster may not have stolen. These are personal facts which are called “out of wallet”.

How does it work?

6

USER: A standard user accounts allow us to use most of the capabilities of the computer, with permissions granted by an administrator. When we use a standard account, we can use most programs that are installed on the computer.

.

User & Guest Accounts

GUEST: An account for users who don't have a permanent account on your computer or domain. It allows people to use your computer without having access to your personal files. People using the guest account can't install software or hardware, change settings, or create a password.

7

Administrator AccountADMINISTRATOR: An administrator account is a user account that allows us to make changes that will affect other users. Administrators can change security settings, install software and hardware, and access all files on the computer. Administrators can also make changes to other user accounts.Windows accounts have an administrator account that allows the administrator to set up your computer and install any programs that you would like to use. If you are the administrator, we recommend that you use a standard user account for your day-to-day computing after you set up your user account. It's more secure to use a standard user account instead of an administrator account.

8

Agent Vulnerability

Threat

Malware No Antivirus Software

Virus Infection

Hacker Powerful Services Running on a Server

Unauthorized access to Confidential Information

Users Misconfigured Parameter in the Operating System

System Malfunction

Fire Lack of Fire Extinguishers

Facility and Computer Damage and Possible Loss of Life

Employee

Lack of training, standards enforcement and/or auditing

Sharing Mission-Critical Information; Altering Data Inputs and Outputs from Data Processing Applications

Contractor

Lax Access Control Mechanisms

Stealing Trade Secrets

Attacker Poorly Written Application; Lack of Stringent Firewall Settings

Conducting a Buffer Overflow or Denial of Service Attack

Intruder Lack of Security Guard

Breaking Windows and Stealing Computer and Devices

All In One CISSP, Table 2-5

9

COMPLY With POLICIES – Learn what the rules are – 3 types of Policies

1. REGULATORY -- Ensures standards (Healthcare, Financial, Government)

2. ADVISORY – Strongly Advises behaviors and activities (Enable Auditing)

3. INFORMATIVE – Teaches but is not Enforceable (Keep passwords long and unpredictable)

INSTALL ANTIVIRUS – Protect your network and computer

LOOK FOR MALWARE – Remove it and update protections

REMOVE HACKING TOOLS -- Be careful about downloading files

USE STRONG PASSWORDS and CHANGE THEM OFTEN

LIMIT ADMIN ACCOUNTS and DISABLE GUEST ACCOUNTS

SECURE YOUR EQUIPMENT – Don’t leave it in cars or check it at airports

PROTECT AGAINST FIRES/WATER DAMAGE

WHAT CAN YOU DO?

10

DISABLING & ENABLING USER ACCOUNTS – to temporarily prevent a user from getting on the network. You can restore the privileges later. In this case we’ll disable GUEST accounts

1. Obtain Administrator rights

2. Log on as administrator

3. Choose Start/Administrative Tools/Active Directory Users & Computers

The Active Directory Users and Computers Management Console will appear

4. Click Users in the console tree

5. In the Details pane, right click the user that you want to enable or disable (GUEST). Then choose the right command

LABS for ACCESS CONTROL