StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Nuclear Plant Password Policy - Essay Example

Cite this document
Summary
The paper "Nuclear Plant Password Policy" tells us about the identification of digital computer and communications systems and networks associated with Safety-related and important-to-safety functions, Security functions…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93% of users find it useful
Nuclear Plant Password Policy
Read Text Preview

Extract of sample "Nuclear Plant Password Policy"

Nuclear Plant Password Policy Insert Insert Activity 1 As an information officer, what are the information security goals that you need to keep in mind while defining the protection you shall need?(Select all that apply.) The goals are detection, prevention, and recovery 2) What are applicable forms of vulnerabilities? (select all that apply) They include improperly configured software, misuse of communication protocols and damage to Hardware 3) Detail the difference between a threat, vulnerability, and a risk. A threat is anything that poses the danger to the computer system whereas vulnerability refers to a loophole or a weakness that hackers or attackers can use to attack a system. Atheotherhandlikelihoodloss There are situations where a risk is said to be vulnerability but in other cases, some vulnerabilities occur without any risks. Activity 1-2 1) The three most fundamental goals of computer security are: (Select all that apply.) They include confidentiality, integrity, and privilege management. 3) A biometric handprint scanner is as part of a system for granting access to a facility. Once an identity is, the system checks and confirms that the user allowed leaving the lobby and entering the facility, and the electronic door lock is released. This is an example of (Select all that apply.) It is an example of authentication. 3) Katie’s handprint is against a record in the system that indicates that she has been assigned clearance to view the contents of secret documents. Later, at her desk, she tries to connect her folder that is Top Secret, and access is denied. This an example of MAC 4) At the end of the day, the security personnel can view electronic log files that record the identities of everyone who entered and exited the building along with the time of day. This is an example of: Auditing 5) An administrator of a large multinational company can assign access rights and track user’s resource access from a central administrative console. Users throughout the organization can gain access to any system after providing a single username and password. This is an example of: Privilege management Activity 1-3 1) Brian works at a bank. To access his laptop, he inserts his employee ID card into a special card reader. This is an example of: Token-based authentication 2) To access the server room, Brian places his index finger on a fingerprint reader. This is an example of: Biometric authentication 3) To withdraw money from an automatic teller machine, Nancy inserts a card and types a four-digit PIN. This incorporates what types of authentication? Select all that apply.) Token-based, password and multifactor. 4) What is the best example of a token-based authentication? It relies on a card being inserted into a card reader 5) True or False? Mutual authentication protects clients from submitting confidential information to an insecure server. That is true 6) How does multi-factor authentication enhance security? Multifactor authentication enhances security by providing at minimum challenges for the attacker to breach the system. The latter can be extremely difficult with the use of biometrics. Activity 1-4 1) Which algorithm is a hashing encryption algorithm? That is SHA 2) Which of the following is a specific set of actions used to encrypt data? Cipher is used to encrypt data. 3) True or False? A digital signature is an application of hashing encryption because the signature is never transformed back to clear text. That is true 6) What are the distinctions between an encryption algorithm and a key? The distinction is that the encryption algorithm is the general instruction that is applicable to data when changing it to ciphertext. On the other hand, the key refers to the real value that the algorithm uses. Whereas different ciphertext can result from the use of a different key the process of encryption is always similar. 7) What is a potential drawback of symmetric encryption? It is the urge of sharing a key between the parties in play. The latter is a source of compromising that key. 8) What makes public key encryption potentially so secure? it experiences full security as there is no sharing of the key between the parties. 9) Considering that hashing encryption is one-way, and the hash is decrypted, what makes hashing encryption a useful security technique? Because hashing is applicable in verification of data in a number of circumstances that involve authentication using the password. The situation involves the exchange of hashes instead of the real passwords. Both parties can then verify the file or information after the transfer is complete. Activity 1-5 Use the file Nuclear Plant Password Policy for these questions. 1) Open and review the policy file. What type of policy document is this? It is a password policy 2) which standard policy components are in the policy? (Select all that apply.) The standard policy components included in the policy are the policy statement, the standards, and guidelines. 3) How often must system level administrators change their passwords to conform to this policy? They must change their passwords at least on a monthly basis 4) To conform to this policy, how often must regular system users change their passwords? They have to be changed once in every three months 5) According to this policy, what is the minimum character length for a password and how should it be constructed? According to this policy, there is a minimum character length of eight alphanumeric characters for a password. The policy states what makes up a strong password. First it incorporates both small and capital letters. Further, it is made of symbols, characters, marks for punctuation and digits 0-9 (Farrell, 2008). They should not be words in other languages, dialect, slang or jargon. Caution should be taken not to include names relating to family members or personal information. The person creating it should be in a position of remembering it. The best passwords are created following a particular phrase. For instance, “I have always told you not to try this alone” has a resultant password of iHaTyNTt~T1 6) Why is password1 not a choice for a password? Password1 is not a good password because the word password is available in the dictionary and also a common computer terminology. It precedes a digit that is a very common way to write weak passwords that are easily traceable. References Farrell, S. (2008). Password Policy Purgatory. IEEE Internet Comput., 12(5), 84-87. doi:10.1109/mic.2008.108 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 words”, n.d.)
CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 words. Retrieved from https://studentshare.org/information-technology/1688140-cis212-u1-review
(CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words)
CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words. https://studentshare.org/information-technology/1688140-cis212-u1-review.
“CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words”, n.d. https://studentshare.org/information-technology/1688140-cis212-u1-review.
  • Cited: 0 times

CHECK THESE SAMPLES OF Nuclear Plant Password Policy

Design System and Security Control

Some of the devices require the user to also supply a password or personal identification number (PIN) to verify their identity.... An essay "Design System and Security Control" reports that there are a number of system security and control requirements that are required for the implementation of the ACA Technology....
13 Pages (3250 words) Essay

IT Consultant & Methodolgies

A weak password policy Using user's name as a password might sound as a brilliant idea for ensuring users remember the passwords, but in reality, it creates a serious security risk (Afayyadh, et al.... Improving Usability of password Management with Standardized password Policies.... A cracker can use this avenue to plant viruses into the system that will later be hard to detect as they are integrated into the operating system (Schwartz, 2012)....
3 Pages (750 words) Essay

Secure Web-based Application

n this research, the ultimate solution will be produced which will allow the creation of a "strong": password (which contains letters, numbers, and special characters) that will open all the authorized applications.... As we are using here the Single sign-on method so some of its benefits are listed over here: If an employee does forget their one password, he or she c.... Frequently results in significant password help desk cost savings an employee does forget their password, he or she can easily reset it by using the preset authentication line....
9 Pages (2250 words) Essay

Social Marketing, Sustainability and Racism in Australia

The paper "Social Marketing, Sustainability and Racism in Australia" discusses that the idea of behavior change is a major challenge in consumer behavior research.... Building on the prior case of racism in Australia, different strategies are used by the Australian government to deal with racism....
15 Pages (3750 words) Essay

Information Security Policy for Amazon Inc

This report "Information Security policy for Amazon Inc" analyzes the application and management of the information security management system in a real-life organization.... For that purpose, organizational management and governance have to define a 'policy', which is the best source of enhancing the control (Berger, 2010).... So, there is a need to develop and update the information security management policy....
24 Pages (6000 words) Report

Information Security

A large portion of the network security solutions offered by the company comply with the manner of operation of an NXG platform, that offers an integrated security architecture; centralized and real-time security updates; central enforcement and management of security policy.... This case study "Information Security" focuses on the best practices for the IT systems of an IT solutions firm called Check Point Software Technologies Ltd....
22 Pages (5500 words) Case Study

Managing Information System in Healthcare Institutions

The policy document will address issues that have been recognized as possible causes of the information security breach.... First, the policy document must address the procedure for the acquisition of the hardware including authentication measures and passwords that will be assigned to each profession as a gate pass to the information organization system.... The policy document will also guide the employees on the privacy rights of caregivers, patients, families and research....
10 Pages (2500 words) Case Study

Network Security's Role

The absence of an effective security policy compromises the availability of a network.... The process starts with assessing risks and evaluating the current network configuration and security policy.... No policy for remote access.... No policy on remote access for databases.... No BIOS and Hard Drive password administered.... password and User Authentication Applicationa....
17 Pages (4250 words) Assignment
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us