Essay on Is3230 Lab #1 Assessment Question

822 Words Aug 17th, 2014 4 Pages
1. What does DACL stand for and what does it mean? It is a type of access control defined by the Trusted Computer System Evaluation Criteria as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)". 2. Why would you add permissions into a group instead of the individual? What policy definition do you think is required to support this type of access control implementation? …show more content…
5. What are other available Password Policy options that could be enforced within a Microsoft Windows Server to improve security? Enforce password history, Maximum password age, Minimum password age, Minimum password length, Store passwords using reversible encryption

6. Is using the option to “Store passwords using reversible encryption’ a good security practice? Why or why not? When should you enable the option to ‘Store passwords using reversible encryption’? This policy provides support for applications that use protocols that require knowledge of the user's password for authentication purposes. Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information. This policy is required when using Challenge-Handshake Authentication Protocol (CHAP) authentication through remote access or Internet Authentication Services (IAS). It is also required when using Digest Authentication in Internet Information Services (IIS).

7. What’s the difference between a Local Group Policy and a Domain Group Policy?

Related Documents