Scribd
Upload
9 views12 pages

CPR Security

The document discusses the advantages and disadvantages of passphrase managers, generators, and single sign-on systems, highlighting their impact on security and usability. It also covers best practices for password management, including the importance of unique passwords, two-factor authentication, and the risks of social engineering. Additionally, it compares cloud storage to local servers, noting benefits like accessibility and scalability, alongside concerns about security and costs.

Uploaded by

bm999252999
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
9 views12 pages

CPR Security

The document discusses the advantages and disadvantages of passphrase managers, generators, and single sign-on systems, highlighting their impact on security and usability. It also covers best practices for password management, including the importance of unique passwords, two-factor authentication, and the risks of social engineering. Additionally, it compares cloud storage to local servers, noting benefits like accessibility and scalability, alongside concerns about security and costs.

Uploaded by

bm999252999
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
You are on page 1/ 12

Practice Quiz

CPR Security
1. Passphrase Manager Advantages:
• It easy and fast to access website’s account
using your saved password by making
autofill.
• the second advantages is being able to
access accounts from all devices.
• provide security, it add another layer of
protection to the user.
2. Passphrase manager Disadvantages:
• any attacker can access you password by
one click because all of them protected by
one password.
• they stored in cloud, therefore attackers ca
take and encrypted them since not
everyone is able to protected their
accounts.

• 3. Passphrase Generator Advantages:


• It can generate random passwords that
powerful enough to prevent data leaks.
• it uses words that could be remembered by
humans.
• it is hard to be guessed by the attackers.
4. Passphrase Generator Disadvantages:
• some website and apps may have limited
character, so its hard to make powerful
password.
• Accounts may still possible to be exposed
in data breaches.

6. Use single sign on when available:


• Advantages: increasing productivity,
improved security, decreased IT cost,
increase admin security.
• Disadvantages: it is very costly. Mainly
limited web pages, require extra-strong
password, if an SSO provider is hacked, all
connected resources are open to attack.

7. To safeguard my passwords:
• I create different passwords for each
account and app.
• I add my phone number when it possible so
I can get approval text every time I signed
in.
• I updated security setting when it is
necessity.
• Therefore the method I provided is the best
method because it provide extra security
and more peace of mind. And for the other
methods it wouldn’t work because they had
less security and more dangerous
regarding the hackers.


Slides Notes

• Credentials: identification, Association


• Authentication: Verifying the identity implies
valid association.
Authorization after Authentication:
• giving someone permission to do or access
something, e. g. Access to system/network,
a directory/folder, tor read or write a file.
• least privilege principle grant only the
minimum authority needed.
• Me and IT people need authority to
everything.
• Minimum three user ID:
one for development system.
one for production server.
one used only for admin and
security.

What is Authorization?
• Permission = access rights = Authorization.
• Unix > chmod
permission read, write, excuse.
classes: user, group, others.
Security enhanced Linux
• OS security controls what users can view,
change, navigate, or excuse.
Browser Security:
• HTTPS needed for sign on.
• Domain Validation DV certificate.
• DNS privacy, security, block malware,
footnotes, Cisco.
• EFF’s Privacy Badger block invisible
tracker.
• EFF’s panopticklick online tracking test.

Passwords?
• Weak passwords: guessable or most used
passwords around the globe.

Forget your password? I forget my


password relies on E-mail security
questions.

Passwords edit rules.


• too short, minimum 8 character
• must have UPPERCASE character
• must have special character.
• must have number.
• Expired Pass, must be changed.
Passwords defence:
• Passwords managers: 1password(CDN),
Bit Warden(OSS), MS Authenticator(free).
• Dice ware Pass-phrase: Long, memorable,
random.
• User ID and password
• passphrase generator or password
generator.
• email alias for UserID.

2nd most common cracking method:


Social Engineering: You are own security
hole, spear phishing has 35% success rate,
Social media is easy way for hackers to
guess credentials and stealing your identity.

Two factor Authentication - 2FA


• Something I know user ID & pass, PIN
• Something I have

Three factor Authentication - 3FA


• Most common secure and most expensive:
Something I know: User ID &pass, PIN.
Something I have Smartphone, Bank,
Credit. Something I am, fingerprint, facial.

PIN: Probably Insecure Number


• 4 digit used by banks, credit cards….
• Most people use date to make it
memorable.

Better Passwords Policies


• User ID
• 14-16 characters.
• use risk no time.
• do not use password has been used
previously.
• require two factor ID

Just say no to passwords: use a pass-key


instead.

Security protects privacy:


• Authentication MFA (Multi factor
authentication)
• Authorization
• Enterprise SSO
• IBM
• System Zero trust architecture
• Iac
• Encrypt local and Backup data

Storing files in the cloud


has several advantages
over using a company’s
local server. One key
benefit is accessibility—
employees can access
files from anywhere with
an internet connection,
making remote work
easier. Cloud storage
providers also handle
maintenance, backups,
and security updates,
reducing IT costs and
workload. Additionally,
scalability is a major
advantage, as companies
can increase storage as
needed without
purchasing new
hardware.

However, there are also


disadvantages. Data
transfer rates can be
slower, especially if the
internet connection is
weak, leading to delays
in accessing or uploading
large files. Security is
another concern, as
storing sensitive data on
external servers
increases the risk of
breaches or unauthorized
access. Some cloud
services also have file
name length limits or
restrictions on the
number and size of files
that can be stored.
Finally, ongoing
subscription costs can
add up over time, making
cloud storage potentially
more expensive than a
one-time investment in a
local server.

You might also like