Explain the steps that may be taken by the systems administrator to ensure the security of a password-based access control mechanism.

      


  

Answers


gregory
Steps that may be taken to ensure security of a password system:
1. Passwords should be changed regularly so that users who have already obtained a password illegally can be denied continued access to system resources. The network operating system could be configured by the systems administrator to implement this policy.
2. The system should be configured by the systems administrator to reject previous passwords that were changed. This measure would deny access to users who had illegally obtained a password.
3. Logon IDs not used after a number of days should be deactivated to prevent possible misuse.
4. The system should automatically disconnect a logon session if no activity has occurred for a period of time (e.g. one hour). This reduces the risk of misuse of an active logon session left unattended because the user went to lunch, left home, went to a meeting or otherwise forgot to log off. This policy is referred to as 'time out'.
5. Password databases on servers or workstations should be encrypted using one-way encryption. This mode of encryption makes the passwords irreversibly scrambled, thus preventing intruders from decoding them.
6. Duress passwords.
These are passwords which are issued to staff so that in the event they are kidnapped and forced to reveal a password to grant access to the system, an alarm is raised to indicate to the organization's security section that entry is being made under duress.
7. System-generated passwords.
Here, the system has a routine which generates passwords and notifies users of each new word through a secure mailing system. If a password has been changed, the system may be programmed to accept use of the old password but to notify security, who can then monitor entry and, if on the premises, apprehend the offender.
gregorymasila answered the question on November 17, 2017 at 18:15
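
Steps 1, 2, 3 and 5 of the answer above combined in one sketch, as an added example that is not part of the original answer. It assumes salted PBKDF2-HMAC-SHA256 as the one-way function; the `Account` class, its method names and all thresholds are hypothetical.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta

ITERATIONS = 200_000                   # assumed work factor; raise to suit your hardware
HISTORY_DEPTH = 5                      # assumed: current plus previous passwords kept
MAX_PASSWORD_AGE = timedelta(days=90)  # assumed rotation period (step 1)
MAX_IDLE = timedelta(days=30)          # assumed idle limit for a logon ID (step 3)

def _digest(password, salt):
    # Step 5: only a salted one-way digest is ever stored, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class Account:
    def __init__(self, password, now):
        self.history = []              # newest first: (salt, digest) pairs
        self.last_logon = now
        self._store(password, now)

    def _store(self, password, now):
        salt = os.urandom(16)          # fresh salt for every stored password
        self.history.insert(0, (salt, _digest(password, salt)))
        del self.history[HISTORY_DEPTH:]
        self.changed = now

    def _matches(self, password, entry):
        salt, digest = entry
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(_digest(password, salt), digest)

    def change_password(self, new_password, now):
        # Step 2: reject any password still held in the history.
        if any(self._matches(new_password, e) for e in self.history):
            return False
        self._store(new_password, now)
        return True

    def logon(self, password, now):
        # Step 3: a logon ID idle for too long is treated as deactivated.
        if now - self.last_logon > MAX_IDLE:
            return "deactivated"
        if not self._matches(password, self.history[0]):
            return "denied"
        self.last_logon = now
        # Step 1: a valid but expired password must be changed.
        return "must_change" if now - self.changed > MAX_PASSWORD_AGE else "ok"
```

Because each history entry has its own salt, a reuse check has to recompute the digest once per stored entry; keeping the history short bounds that cost.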

