Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
CHAPTER 8 Security Standards and Services

ONE-FACTOR

With one-factor authentication, only one form of authenticator is used in conjunction with a username. Often, the single authenticator is a password or PIN. Password policies come in the following three security levels:

■ Low (or no) – six characters long or less.
■ Medium – between 8 and 13 characters.
■ High – policies requiring 14 or more characters.

Additionally, all password policies, regardless of password length, should require an acceptable password that contains a combination of the following:

■ Uppercase and lowercase alphabetic characters
■ Numbers
■ Special characters
■ No dictionary words
■ No portion of the username in the password
■ No personal identifiers should be used, including birthdays, social security number, pet’s name, and so on.
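
One way to check the length levels and composition rules above in code, as an added example that is not from the study guide. The sample word list, the `personal` argument, and the three-character threshold for "a portion of the username" are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real deployment would load a full dictionary.
SAMPLE_DICTIONARY = {"password", "network", "summer", "dragon", "welcome"}

def length_level(password):
    """Map length to the guide's three levels. A length of 7 falls between
    Low and Medium in the text, so it is reported as unclassified."""
    n = len(password)
    if n <= 6:
        return "low"
    if 8 <= n <= 13:
        return "medium"
    if n >= 14:
        return "high"
    return "unclassified"

def composition_failures(password, username, personal=(), min_fragment=3):
    """Return the composition rules the password breaks.
    min_fragment (assumption): shortest username substring that counts as
    'a portion of the username'. personal (assumption): known identifiers
    such as a birth year or pet's name supplied by the caller."""
    failures = []
    lowered = password.lower()
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        failures.append("needs uppercase and lowercase letters")
    if not re.search(r"\d", password):
        failures.append("needs a number")
    if not re.search(r"[^A-Za-z0-9]", password):
        failures.append("needs a special character")
    if any(word in lowered for word in SAMPLE_DICTIONARY):
        failures.append("contains a dictionary word")
    user = username.lower()
    fragments = {user[i:i + min_fragment]
                 for i in range(len(user) - min_fragment + 1)}
    if any(frag in lowered for frag in fragments):
        failures.append("contains a portion of the username")
    if any(p and p.lower() in lowered for p in personal):
        failures.append("contains a personal identifier")
    return failures

def evaluate(password, username, personal=()):
    """Combine the length level with the list of broken composition rules."""
    return {"level": length_level(password),
            "failures": composition_failures(password, username, personal)}
```

Case-insensitive substring matching is used so that variants such as "Summer2024!" are still caught by the dictionary rule even though they satisfy every character-class rule.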

TWO-FACTOR

Two-factor authentication can be implemented by requiring a user to provide an authenticator from two categories of authenticators. To misuse your authentication credentials in a two-factor authentication scheme, an attacker must acquire both.

Token technology is a method that can be used in networks and facilities to authenticate users. Tokens are physical devices used for the randomization of a code that can be used to assure the identity of the individual or service that has control of them.

MULTIFACTOR

Three-factor authentication, commonly known as multifactor authentication, should use three independent authentication mechanisms. The following are four possible types of factors that can be used in a multifactor authentication implementation:

■ A password or a PIN can be defined as a "something you know" factor.
■ A token or Smart Card can be defined as a "something you have" factor.
■ A thumbprint, retina, hand, or other biometrically identifiable item can be defined as a "something you are" factor.
■ Voice or handwriting analysis can be used as a "something you do" factor.

SINGLE SIGN-ON

Single Sign-On (SSO) is a process that simplifies access to different systems by authenticating the user once. Benefits of SSO include simplified management and a direct reduction in the password fatigue that users experience from having to log on to so many systems and keep track of so many different authentication credentials. SSO can be implemented through various network operating systems (NOS)