Presentation is loading. Please wait.

Presentation is loading. Please wait.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Published byBathsheba Gordon Modified over 9 years ago

Similar presentations

Presentation on theme: "Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat."— Presentation transcript:

1 Air Force Association (AFA) 1

2 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat Table 7.What Can You Do? 2 AGENDA

3 Access controls are security features that control how people and systems communicate and interact with other systems and resources. They protect the systems and resources from unauthorized access and can also participate in determining the level of authorization after an authentication procedure has successfully completed. Protected data will: 1.Be Available when it is needed 2.Have Integrity (accurate, complete and protected from unauthorized modification) 3.Be Confidential ( not disclosed to unauthorized individuals, programs or processes) 3 Access Control

4 WHO ARE YOU IDENTIFICATION – User ID or Account Number PROVE IT AUTHENTICATION – Password, Smart Card, Fingerprint 2 of these three assures a Strong or 2-Factor Authentication: Something a person knows: Password or combination, keypad # or pin # Something a person has: Swipe card, key, access card, badge Something a person is: Biometrics (fingerprint, iris scan…) I KNOW WHO YOU ARE -- NOW WHAT WILL I LET YOU DO AUTHORIZATION – List of criteria to determine what you are allowed to do I’M WATCHING YOU ACCOUNTING – Audit logs and tracking 4 Four Steps to Access Iris Scanner

5 NEW STUDENT, NEW BANK ACCTOnline accounts can’t see photo IDs When you need Access To Systems, Servers, Applications you will need: SYSTEM ADMINISTRATORS: Admin can set up and manage accounts for a small number of people but large organizations require automated services. SPML: Service Provisioning Markup Language manages large #s of accounts Sets up new account, configures access rights and manages account To Authenticate Identity many use alternative data sources for identity checking. The traditional fields of SSN and DOB are common elements that a fraudsters can easily find out about their victim. Now they ask for data items the the fraudster may not have stolen. These are personal facts which are called “out of wallet”. How does it work? 5

6 USER : A standard user accounts allow us to use most of the capabilities of the computer, with permissions granted by an administrator. When we use a standard account, we can use most programs that are installed on the computer.. User & Guest Accounts 6 GUEST: An account for users who don't have a permanent account on your computer or domain. It allows people to use your computer without having access to your personal files. People using the guest account can't install software or hardware, change settings, or create a password.

7 Administrator Account 7 ADMINISTRATOR: An administrator account is a user account that allows us to make changes that will affect other users. Administrators can change security settings, install software and hardware, and access all files on the computer. Administrators can also make changes to other user accounts. Windows accounts have an administrator account that allows the administrator to set up your computer and install any programs that you would like to use. If you are the administrator, we recommend that you use a standard user account for your day-to-day computing after you set up your user account. It's more secure to use a standard user account instead of an administrator account.

8 AgentVulnerabilityThreat MalwareNo Antivirus SoftwareVirus Infection HackerPowerful Services Running on a Server Unauthorized access to Confidential Information UsersMisconfigured Parameter in the Operating System System Malfunction FireLack of Fire Extinguishers Facility and Computer Damage and Possible Loss of Life EmployeeLack of training, standards enforcement and/or auditing Sharing Mission-Critical Information; Altering Data Inputs and Outputs from Data Processing Applications ContractorLax Access Control Mechanisms Stealing Trade Secrets AttackerPoorly Written Application; Lack of Stringent Firewall Settings Conducting a Buffer Overflow or Denial of Service Attack IntruderLack of Security Guard Breaking Windows and Stealing Computer and Devices 8 All In One CISSP, Table 2-5

9 COMPLY With POLICIES – Learn what the rules are – 3 types of Policies 1.REGULATORY -- Ensures standards (Healthcare, Financial, Government) 2.ADVISORY – Strongly Advises behaviors and activities (Enable Auditing) 3.INFORMATIVE – Teaches but is not Enforceable (Keep passwords long and unpredictable) INSTALL ANTIVIRUS – Protect your network and computer LOOK FOR MALWARE – Remove it and update protections REMOVE HACKING TOOLS -- Be careful about downloading files USE STRONG PASSWORDS and CHANGE THEM OFTEN LIMIT ADMIN ACCOUNTS and DISABLE GUEST ACCOUNTS SECURE YOUR EQUIPMENT – Don’t leave it in cars or check it at airports PROTECT AGAINST FIRES/WATER DAMAGE 9 WHAT CAN YOU DO?

10 DISABLING & ENABLING USER ACCOUNTS – to temporarily prevent a user from getting on the network. You can restore the privileges later. In this case we’ll disable GUEST accounts 1.Obtain Administrator rights 2.Log on as administrator 3.Choose Start/Administrative Tools/Active Directory Users & Computers The Active Directory Users and Computers Management Console will appear 4.Click Users in the console tree 5.In the Details pane, right click the user that you want to enable or disable (GUEST). Then choose the right command 10 LABS for ACCESS CONTROL

Download ppt "Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Understand Database Security Concepts

Understand Database Security Concepts
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.

Installing and Troubleshooting Hardware Device and Drivers Chapter 6 powered by dj.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.

Course ILT Security Unit objectives Configure operating system and file system security Install a fingerprint scanner and card reader Manage the human.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Similar presentations

Ads by Google