LEARN MORE...

CISS 400 Bethesda University of California Password Protection Policy Discussion

User Generated

Qsnvmba32

Computer Science

CISS 400

Bethesda University of California

CISS

Question Description

I'm working on a operating systems question and need an explanation and answer to help me learn.

First, complete the Hands-on Projects 13-1, 13-2, 13-3, and 13-4 from your text. Next, attach the text file from 13-2 as well as text file with the date, time, and number of times the program has run from 13-4. You do not need to write any of the memos or notes outlined in the activities. I want you to get a feel for the activities you are performing for this investigation before you begin reviewing some policies that address potential legal issues.

Now, let’s set the scene:

Dan is a bit nervous about the Robinson investigation: “It’s a legal minefield.” He asks you to identify the policies that should be reviewed and understood in preparation for the case being thrown out due to legal issues, or, even worse, a lawsuit.

Browse the policies on the SANS institute website. (You may choose other sites as well based on your chapter reading.)

Identify at least three policies you believe need to be understood when conducting an investigation involving cloud storage. Give a short rationale for each policy you select.

Unformatted Attachment Preview


Purchase answer to see full attachment
Student has agreed that all tutoring, explanations, and answers provided by the tutor will be used to help in the learning process and in accordance with Studypool's honor code & terms of service.

Explanation & Answer

View attached explanation and answer. Let me know if you have any questions.

1

CISS 400 DEA - Digital Forensics
Student Name
Course name:
University name:
Professor's info:

2

Password Protection Policy
Passwords are essential for securing user accounts. Unauthorized access and
exploitation of the organization's resources are the outcomes of a poorly picked
password. As a result, all employees and contractors with access to a company's
system must follow the steps listed below to choose and secure their passwords.
To begin, all passwords at the user and system levels must follow the password
construction guidelines. Users must create a separate, distinct password for each
account. Users may not use passwords associated with their work for personal
accounts. User accounts granted authorizations through group memberships must
have a password that is distinct from the passwords of other users (SANS Institute,
n.d.).
Second, only update credentials if you have cause to believe they have been
compromised. The InfoSec Team may do password cracks or guesses periodically or
randomly. In case a password is deciphered in one of these scans, then the user must
replace the password as per the password security guidelines (SANS Institute, n.d.).
Thirdly, authorized users should never share passwords with others. All
passwords must be handled as sensitive and confidential company information. Users
should not include passwords in email messages, alliance cases, or other means of
electronic communication, nor should they be shared with anybody over the phone.
Passwords can be kept in password managers that the company has authorized. The
'remember Users should also avoid password' function of applications. Any user who
suspects their passwords have been compromised must report the situation and reset
all of their passwords immediately (Hashem, n.d.).

3

Application developers must include the following security features in their
programs. Users should never send passwords over the network in clear text.
Applications must support individual user authentication rather than group
authentication. Role management needs to be backed up by programs so that one
person can take over another function without knowing the other's password.
Passwords should never be saved in plain text or in any other form easy to reverse.
Finally, multi-factor authentication is recommended for both personal and work
accounts.
Employee Internet Use Monitoring an...

greelnaa185 (16602)
New York University
Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Similar Content

Information Technology
I have an assignment just following the instruction and questions pleaseThanks...
Unit 4 discussion board for ITCO299
Assignment Details Assignment DescriptionThe Discussion Board (DB) is part of the core of online learning. Classroom discu...
Creating Class Diagrams, computer science homework help
Within the Discussion Board area, write 400–600 words that respond to the following questions with your thoughts, ideas,...
it project management
What can organizations do to ensure that estimates are good? What can they do to prevent cost overruns?...
privacy issues
see attachment...
Blockchains Essay
Short Essay #1: Define Blockchain in your own words. Give an example. What are some of the challenges, costs, and potentia...
2053965 3d
Three dimensional (3D) printing is a modern manufacturing technology that produces 3dimensional objects from digital files...
Expert Opinion
Convincing residents about the benefits of “invasion of privacy”: H.L Mencken, a political writer said that it is a te...
Unib Software Architecture Answer
1. List the different definitions of software architecture as shown in the video. a. Software architecture is those decisi...

Related Tags

University of Maryland Global Campus pccc Saudi electronic university Operating Systems Purdue Global American Public University System North Lake College Wayne County Community College District North Lake College westcliff university North Lake College San Jose State University