Provide (2) 150 words response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.
1) Discuss security design principles utilizing different authentication methods and (password) policies.
To begin, authentication is the act or process of verifying and/or proving the identity of a user to show validation. Some common methods of authentication often seen are, username and password, which are usually used on personal computers, e-mail accounts and such. Another methods commonly used for authentication are smart cards, such as common access cards (CAC), mainly used by Department of Defense agencies such the United States Air Force, Army, Marines and Navy; to include other agencies such as the Federal Bureau of Investigation and Central Intelligence Agency. With these agencies using smart cards, this implemented another form of authentication utilizing key certificates to authenticate users accessing information systems.
When discussing security design principles, the first thing that comes to mind is the CIA Triade; Confidentiality, Integrity and Availability or better yet, Confidentiality, Integrity, Availability and Authentication (CIAA). The CIA Triade plays a critical role when discussing the principles of authentication methods and is the building blocks of password policies. During the creation and implementation of user accounts and groups, creating a strict criteria plays a crucial role in preventing unwanted intrusion from attackers. Different methods include, enforcing password complexity/variation, password length, password history/number of times a user can use the same password, password expiration/maximum length of time a user can use the same password, account lockout after inputting the incorrect password to many times and lastly utilizing access control list (ACL).
After completing last week and this week’s lab, I’ve come to the realization that the main purpose or idea behind authentication methods and password policies is to keep out systems safe and secure from intrusions from attackers with malicious intent.
Authentication. (2018, July 13). Retrieved August 11, 2020, from https://techterms.com/definition/authentication
This week’s forum post asks us to discuss design principles utilizing different authentication methods and (password) policies. My experience working in a corporate environment in research and development with a company given laptop, I have had to deal with a lot of authentication and password policies. Though I find it tedious and annoying at times having to change my password or having to do second factor authentication, I understand that they want or patented technology to be secure. Many of us have been in the military and know how tedious the DOD password policies can be. Even the pharmaceutical company I work for now requires their regular employees to change their password every thirty days and it can’t be the same password as the previous five passwords. There are many different authentication methods and password policies. Since our lab dug into password policies last week, I will discuss more of the authentication methods. Biometrics is a common form of authentication. Biometrics can be fingerprint scanning, voice recognition, retinal or iris scans, and face scanning. These can be expensive so it might not be suitable for many companies that don’t need such stringent security protocols. Token authentication can include such hardware as a dongle or RFID chip card. Many of the companies I have work for utilize the token authentication because it is cheaper and fairly secure. My current company requires an RFID card to open all doors in the building and when logging on to a computer you need your login credentials and we use Microsoft’s Authenticator App. Thanks for reading and take care.
Ulisticadmin. (2019, August 16). Common Authentication Methods Used for Network Security. Retrieved August 11, 2020, from https://www.alliancetechpartners.com/common-authentication-methods-used-network-security/