Air Force Association (AFA)
Cyber Security Program
MODULE TWO
Access Control
AGENDA
1. Access Control
2. Four Steps to Access
3. How Does it Work?
4. User and Guest Accounts
5. Administrator Accounts
6. Threat Table
7. What Can You Do?
Access Control
Access controls are security features that control how people and systems communicate and interact with other systems and resources. They protect the systems and resources from unauthorized access and can also participate in determining the level of authorization after an authentication procedure has successfully completed.
Protected data will:
1. Be Available when it is needed
2. Have Integrity (accurate, complete and protected from unauthorized modification)
3. Be Confidential (not disclosed to unauthorized individuals, programs or processes)
Four Steps to Access
WHO ARE YOU? IDENTIFICATION – User ID or Account Number
PROVE IT. AUTHENTICATION – Password, Smart Card, Fingerprint
• Using 2 of these three factor types assures Strong or 2-Factor Authentication:
• Something a person knows: Password or combination, keypad # or PIN #
• Something a person has: Swipe card, key, access card, badge
• Something a person is: Biometrics (fingerprint, iris scan…)
I KNOW WHO YOU ARE -- NOW WHAT WILL I LET YOU DO? AUTHORIZATION – List of criteria to determine what you are allowed to do
I’M WATCHING YOU. ACCOUNTING – Audit logs and tracking
(Image: Iris Scanner)
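The four steps above, walked through for one access request as an added example (this is not code from the AFA slides). The account, badge serial, ACL and audit log are constructed sample data held in memory; the password check uses a plain salted SHA-256 for readability, where a real system would use a per-user salt and a slow key-derivation function.

```powershell
# Constructed sample data: one account with a salted password hash (something
# the person knows), an issued badge serial (something they have), and an ACL.
function Get-Sha256Hex([string]$Text) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $bytes = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Text))
    return ($bytes | ForEach-Object { $_.ToString('x2') }) -join ''
}

$Salt = 'constructed-salt'           # illustration only; use a per-user salt and a slow KDF in practice
$Accounts = @{
    'jsmith' = @{
        PasswordHash = Get-Sha256Hex ($Salt + 'correct horse battery staple')
        BadgeSerial  = 'BADGE-1234'
        Roles        = @('student')
    }
}
$Acl = @{                              # resource -> roles allowed to use it
    'grades-db'   = @('registrar', 'admin')
    'course-wiki' = @('student', 'registrar', 'admin')
}
$AuditLog = New-Object System.Collections.Generic.List[string]
function Write-Audit([string]$Message) { $AuditLog.Add("$((Get-Date).ToString('o')) $Message") }

function Request-Access([string]$UserId, [string]$Password, [string]$BadgeSerial, [string]$Resource) {
    # 1. IDENTIFICATION: who are you?
    $acct = $Accounts[$UserId]
    if (-not $acct) { Write-Audit "DENY unknown user '$UserId'"; return $false }
    # 2. AUTHENTICATION: prove it, with two different factor types.
    $knows = (Get-Sha256Hex ($Salt + $Password)) -eq $acct.PasswordHash
    $has   = $BadgeSerial -eq $acct.BadgeSerial
    if (-not ($knows -and $has)) {
        Write-Audit "DENY $UserId failed 2-factor authentication (knows=$knows has=$has)"
        return $false
    }
    # 3. AUTHORIZATION: now what will I let you do?
    $permitted = $Acl[$Resource] | Where-Object { $acct.Roles -contains $_ }
    if (-not $permitted) { Write-Audit "DENY $UserId not authorized for '$Resource'"; return $false }
    # 4. ACCOUNTING: I'm watching you. Allowed requests are logged as well as denials.
    Write-Audit "ALLOW $UserId accessed '$Resource'"
    return $true
}

# Three requests: both factors and an allowed resource; both factors but a
# resource the student role lacks; a wrong password with a valid badge.
Request-Access 'jsmith' 'correct horse battery staple' 'BADGE-1234' 'course-wiki'
Request-Access 'jsmith' 'correct horse battery staple' 'BADGE-1234' 'grades-db'
Request-Access 'jsmith' 'wrong password' 'BADGE-1234' 'course-wiki'
$AuditLog                              # one line per decision, allow or deny
```

Only the first request is allowed; the other two are refused at step 3 and step 2 respectively, and every decision leaves an audit line.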
How does it work?
NEW STUDENT, NEW BANK ACCT
Online accounts can’t see photo IDs
When you need access to systems, servers or applications you will need:
SYSTEM ADMINISTRATORS: An admin can set up and manage accounts for a small number of people, but large organizations require automated services.
SPML: Service Provisioning Markup Language manages large numbers of accounts. It sets up the new account, configures access rights and manages the account.
To authenticate identity, many organizations use alternative data sources for identity checking. The traditional fields of SSN and DOB are common elements that a fraudster can easily find out about their victim. Now they ask for data items the fraudster may not have stolen. These are personal facts which are called “out of wallet”.
User & Guest Accounts
USER: A standard user account allows us to use most of the capabilities of the computer, with permissions granted by an administrator. When we use a standard account, we can use most programs that are installed on the computer.
GUEST: An account for users who don't have a permanent account on your computer or domain. It allows people to use your computer without having access to your personal files. People using the guest account can't install software or hardware, change settings, or create a password.
Administrator Account
ADMINISTRATOR: An administrator account is a user account that allows us to make changes that will affect other users. Administrators can change security settings, install software and hardware, and access all files on the computer. Administrators can also make changes to other user accounts.
Windows has an administrator account that allows the administrator to set up your computer and install any programs that you would like to use. If you are the administrator, we recommend that you use a standard user account for your day-to-day computing after you set up your user account. It's more secure to use a standard user account instead of an administrator account.
Threat Table
Agent      | Vulnerability                                                  | Threat
Malware    | No Antivirus Software                                          | Virus Infection
Hacker     | Powerful Services Running on a Server                          | Unauthorized Access to Confidential Information
Users      | Misconfigured Parameter in the Operating System                | System Malfunction
Fire       | Lack of Fire Extinguishers                                     | Facility and Computer Damage and Possible Loss of Life
Employee   | Lack of Training, Standards Enforcement and/or Auditing        | Sharing Mission-Critical Information; Altering Data Inputs and Outputs from Data Processing Applications
Contractor | Lax Access Control Mechanisms                                  | Stealing Trade Secrets
Attacker   | Poorly Written Application; Lack of Stringent Firewall Settings | Conducting a Buffer Overflow or Denial of Service Attack
Intruder   | Lack of Security Guard                                         | Breaking Windows and Stealing Computers and Devices
Source: All In One CISSP, Table 2-5
WHAT CAN YOU DO?
COMPLY WITH POLICIES – Learn what the rules are – 3 types of policies:
1. REGULATORY -- Ensures standards (Healthcare, Financial, Government)
2. ADVISORY – Strongly advises behaviors and activities (Enable Auditing)
3. INFORMATIVE – Teaches but is not enforceable (Keep passwords long and unpredictable)
INSTALL ANTIVIRUS – Protect your network and computer
LOOK FOR MALWARE – Remove it and update protections
REMOVE HACKING TOOLS -- Be careful about downloading files
USE STRONG PASSWORDS and CHANGE THEM OFTEN
LIMIT ADMIN ACCOUNTS and DISABLE GUEST ACCOUNTS
SECURE YOUR EQUIPMENT – Don’t leave it in cars or check it at airports
PROTECT AGAINST FIRES/WATER DAMAGE
LABS for ACCESS CONTROL
DISABLING & ENABLING USER ACCOUNTS – to temporarily prevent a user from getting on the network. You can restore the privileges later. In this case we’ll disable the GUEST account.
1. Obtain Administrator rights
2. Log on as administrator
3. Choose Start/Administrative Tools/Active Directory Users & Computers
   The Active Directory Users and Computers Management Console will appear
4. Click Users in the console tree
5. In the Details pane, right-click the user that you want to enable or disable (GUEST). Then choose the matching command, Disable Account or Enable Account
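The same lab step done from PowerShell, as an added example that is not part of the AFA lab sheet, with a check afterwards that the account really is in the state you asked for and a companion review of who holds admin rights (the "LIMIT ADMIN ACCOUNTS" item from the previous slide). It assumes an elevated session; on a domain-joined machine it uses the RSAT ActiveDirectory cmdlets against the domain Guest account, otherwise it falls back to the local Guest account.

```powershell
# Assumes an elevated PowerShell session. Domain-joined: RSAT ActiveDirectory
# cmdlets against the domain Guest account. Standalone: the local Guest account.
function Set-GuestAccountState {
    param([switch]$Enable)   # no switch = disable, as in the lab
    $onDomain = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain
    if ($onDomain) {
        Import-Module ActiveDirectory
        if ($Enable) { Enable-ADAccount -Identity 'Guest' } else { Disable-ADAccount -Identity 'Guest' }
        $state = (Get-ADUser -Identity 'Guest').Enabled
    } else {
        if ($Enable) { Enable-LocalUser -Name 'Guest' } else { Disable-LocalUser -Name 'Guest' }
        $state = (Get-LocalUser -Name 'Guest').Enabled
    }
    # Verify the change instead of assuming it: "restore the privileges later"
    # only works if you know what state the account is actually in now.
    if ($state -ne [bool]$Enable) {
        throw "Guest account is Enabled=$state, expected $([bool]$Enable)"
    }
    return $state
}

# Companion check for LIMIT ADMIN ACCOUNTS: list who currently holds admin
# rights so that stale or unexpected members can be reviewed and removed.
function Get-AdminAccountHolders {
    if ((Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain) {
        Import-Module ActiveDirectory
        Get-ADGroupMember -Identity 'Domain Admins' | Select-Object Name, SamAccountName, objectClass
    } else {
        Get-LocalGroupMember -Group 'Administrators' | Select-Object Name, ObjectClass, PrincipalSource
    }
}

# Lab step 5 equivalent: disable Guest, confirm it is disabled, then review admins.
$guestEnabled = Set-GuestAccountState
"Guest account enabled: $guestEnabled"
Get-AdminAccountHolders
# To restore access later, as the lab allows:  Set-GuestAccountState -Enable
```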