IT Examiner School, Providence, RI
IT General Controls (continued)
Multifactor Authentication combines two or more independent credentials:
What the user “knows”, such as passwords, personal identification numbers (PINS), and answers to security questions.
What the user “has”, such as a security token, ATM card, etc.
What the user “is”, such as biometric verification including fingerprint readers, retina scanners, and voice recognition.
IT General Controls (continued)
Basic Access Controls:
User IDs, Passwords (minimum password requirements, complexity, expiration, number of passwords remembered)
Screensavers enforced (timeout) after a period of inactivity.
VPN Controls (IDs, passwords, digital certificates, additional authentication such as tokens)
Authentication (single factor, two factor, multi-factor)
Made with FlippingBook Annual report