
Policies to Know for Network+ (N10-007) – Data Loss Prevention

A comprehensive data loss prevention (DLP) policy addresses both accidental and malicious data loss. DLP policies consider internal and external users and define practices to guard sensitive data. The best DLP policies also cover the network broadly rather than limiting themselves to a single area of networking such as email.

Most DLP policies focus on the use of content-level scanning and deep content inspection (DCI) to identify sensitive data and protect it. DLP policies target activities at three levels:

  • Client level (data in operation)
  • Network level (data in transit)
  • Storage level (data at rest)

You should take the following actions when designing a DLP policy for your organization:

  • Consider any risk assessments your company has performed.
  • Incorporate key members of management from the various departments of your organization.
  • Identify the most sensitive data of the organization.
  • Outline a phased implementation of DLP and incorporate guidelines for tracking the success of the initiative.
  • Attempt to minimize any negative impacts on the business caused by the policy implementation.
  • Periodically review the DLP policy.
  • Include the appropriate event-monitoring specifics as they apply to the policy.

Policies to Know for Network+ (N10-007) – Password Policy


Because more and more sensitive data is finding its way into storage on our networks, more security measures are required than ever before. As part of this, your organization needs to possess a well-crafted security policy, and this security policy should include a comprehensive password policy. As you’ll learn in this post, you should also provide detailed training on this part of the security policy.

Keep in mind that in addition to “simple” username and password combinations, many other powerful technologies found in the modern network are available for user authentication. These include:

  • One-time passwords (OTPs)
  • Client certificates
  • Smart cards
  • Biometrics
  • Multifactor authentication

Despite these additional security options, the “classic” password still plays a pivotal role in most networks. It is obvious by glancing at recent news headlines that user credentials represent a major area of attack.

Your password policy should include the following:

  • Education for end users
  • Strong password requirements, such as the following:
    • Minimum password lengths
    • Restrictions on the use of proper names
    • Password expiration
    • No previously used passwords allowed
    • No words spelled out completely within the password
    • The use of characters from the following groups:
      • Uppercase letters
      • Lowercase letters
      • Numbers
      • Special characters
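
The strong-password requirements listed above can be enforced in code at password-change time. The following is an added example, not code from the original post; the minimum length, maximum age, and the name and dictionary word lists are assumed sample values, and the history check compares salted PBKDF2 digests so that old passwords are never stored in plaintext.

```python
import hashlib, hmac, os
from datetime import date, timedelta

# All thresholds and word lists below are assumed sample values, not from the post.
MIN_LENGTH = 12
MAX_AGE = timedelta(days=90)
PROPER_NAMES = {"alice", "smith", "contoso"}
DICTIONARY = {"password", "welcome", "summer", "network"}

def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(password):
    """Return a (salt, digest) history entry; the plaintext is never stored."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)

def check_password(password, history=(), names=PROPER_NAMES):
    """Return the list of policy rules the candidate password violates."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    # One flag per character group named in the policy.
    groups = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "special": any(not c.isalnum() for c in password),
    }
    problems += [f"missing {g}" for g, ok in groups.items() if not ok]
    if any(n in lowered for n in names):
        problems.append("contains proper name")
    if any(w in lowered for w in DICTIONARY):
        problems.append("contains dictionary word")
    # Re-derive the digest with each stored salt; compare in constant time.
    if any(hmac.compare_digest(_digest(password, s), d) for s, d in history):
        problems.append("previously used")
    return problems

def is_expired(last_changed, today):
    """True when the password is older than the assumed maximum age."""
    return today - last_changed > MAX_AGE
```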

Your password policy might also detail the use of password management software. This software stores passwords for different resources and can even help users generate complex passwords across these resources. Of course, the software itself must be protected with a strong password that the user should memorize.