Logical access control methods are extremely important to computer and network security. The purpose of these methods is to implement a new level of security so that users have proper privileges and so that accounts and passwords meet necessary security requirements.
· ACL – ACL is an access control list which houses information that specifies whether or not a user or group has certain accesses and privileges. These lists are set up by the system administrator and control what users can see and access on a network as well as on a computer system. When you’re on a work computer, ACLs are often used to keep users from downloading programs, changing system settings and so on.
· Group policies – Group policies have become the easiest way to restrict or give access to certain operating system components and resources. The settings that are put in place during these group policies are automatically applied and updated as necessary.
· Password policy – Password policy is simply the set of written rules that are part of a security policy that dictate specific password requirements of both device and user passwords. This usually involves a minimum length, special characters, maximum password age, and so on. Think of a Windows OS system which requires at least an 8 character length password. Some websites require passwords with upper and lowercase letters along with a special character.
· Domain password policy – This policy is the password policy that is set within a GPO which is then distributed throughout a Microsoft Active Directory domain to all of the domain users.
· User names and passwords – User names and passwords should have certain requirements in order to be used. This makes hacking and cracking much harder. Passwords should expire in a certain amount of days.
· Time of day restrictions – Time of day restrictions are often used by companies and employers who have a workforce that utilizes computers for most of the work day. The idea behind these restrictions is that users really only need access during scheduled working hours. After normal working hours, restrictions are put in place to increase security and decrease the chance of an internal or external attack.
· Account expiration – Each and every account on a network needs to have an expiration date. Accounts that are not in use for a certain amount of days should expire; those in use do not have a set expiration date.
· Logical tokens – Logical tokens can be compared to certificates in the idea that they hold a user’s access privileges and rights.
GetCertify4Less and GetCertified4Less
No comments:
Post a Comment