[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 195419 Download | Alert*

Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed periodically. One method of minimizing this risk is to use complex passwords and periodically change them. If the operating system does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the operating system passwords could be compromised.

Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the end result is a password that is not changed as per policy requirements.

By auditing access restriction enforcement, changes to application and OS configuration files can be audited. Without auditing the enforcement of access restrictions, it will be difficult to identify attempted attacks and an audit trail will not be available for forensic investigation. Enforcement actions are the methods or mechanisms used to prevent unauthorized changes to configuration settings. ...

If events associated with non-local administrative access or diagnostic sessions are not logged, a major tool for assessing and investigating attacks would not be available. This requirement addresses auditing-related issues associated with maintenance tools used specifically for diagnostic and repair actions on organizational information systems. Non-local maintenance and diagnostic activities ar ...

Misuse of privileged functions, either intentionally or unintentionally by authorized users, or by unauthorized external entities that have compromised information system accounts, is a serious and ongoing concern and can have significant adverse impacts on organizations. Auditing the use of privileged functions is one way to detect such misuse, and identify the risk from insider threats and the a ...

Frequently, an attacker that successfully gains access to a system has only gained access to an account with limited privileges, such as a guest account or a service account. The attacker must attempt to change to another user account with normal or elevated privileges in order to proceed. Auditing successful and unsuccessful attempts to switch to another user account mitigates this risk.

The permissions on a file establish which users are permitted to access or modify it. An attacker may attempt to change the permissions on a file to prevent legitimate users from accessing it or to grant additional access to an account the attacker controls. Auditing successful and unsuccessful attempts to modify security objects such as file permissions mitigates this risk.

Controls whether a user can use the OSX GUI to start or switch to a login session running as another user concurrently. In .GlobalPreferences.plist, set the MultipleSessionEnabled key to false to disable fast user switching.

Enable or disable console login as appropriate. If console login is enabled, the user can type '>console' for the user name to get a console login. In loginwindow.plist, set the DisableConsoleAccess key = true to prevent console logins. If the key does not exist, console login is allowed.

The setting controls whether external accounts, which are defined and stored on 'other' media (such as USB drives or specified disk partitions), are allowed to be active on a system. In loginwindow.plist, set the EnableExternalAccounts key = false to disable external accounts. If the key does not exist, external accounts are allowed.


Pages:      Start    11673    11674    11675    11676    11677    11678    11679    11680    11681    11682    11683    11684    11685    11686    ..   19541

© SecPod Technologies