ITM 301 Lecture Notes - Lecture 8: Network Access Control, Access Control List, Password Policy

Befo(cid:396)e spe(cid:374)di(cid:374)g ti(cid:373)e a(cid:374)d (cid:373)o(cid:374)e(cid:455) o(cid:374) (cid:374)et(cid:449)o(cid:396)k se(cid:272)u(cid:396)it(cid:455), (cid:455)ou should e(cid:454)a(cid:373)i(cid:374)e (cid:455)ou(cid:396) (cid:374)et(cid:449)o(cid:396)k"s se(cid:272)u(cid:396)it(cid:455) (cid:396)isks. Diffe(cid:396)e(cid:374)t level of organizations = different levels of networks. If someone is obtaining an unauthorized access, your clients will be vulnerable. Data breach - implications of unauthorized access or use of sensitive data. Every organization should assess its security risks by conducting a posture assessment, which is a thorough examination of each aspect of the network to determine how it might be compromised. Performed annually and its better if its quarterly. Sometimes trusted users bring significant security threats including human errors and omissions. Sometimes, intruders can get into your system by asking for use(cid:396)"s passwords. They act like they are going to troubleshoot the problem by asking the users for personal identification. Strategy is commonly called social engineering because it involves manipulating social relationships to gain access.