Design Activity: Designing A Logical Authentication Strategy

By Author: amandda
Total Articles: 60
Comment this article

what that central, corporate security policy about Windows XP Professional can be. We are, however, most concerned with our Windows systems and would like you to concentrate efforts first on them."
Network Administrator, Western Territory "We are committed to improving information security. We know that practices in other locations are responsible for virus and worm infections in our environment, specifically by their executives traveling to our location. We also have difficulty accessing corporate resources.
Our users have to remember too many passwords and get confused by the different requirements that different accounts have."Help Desk Employee "If you ask my opinion, we need a little less control, not more. I spend most of my day resetting passwords and unlocking accounts. It's just too confusing for the users and too hard for them to remember their password. Why, just last week, I had to rebuild 10 machines because their users forgot their passwords and I am not allowed to have an account on those systems or use utilities to change passwords on them."
Plant ...
... Manager "I hope you can do something about these worm attacks. In the past, they have prevented us from getting MCSA Certificationgood information on the status of operations at our plants."
Finance Manager "You should know that there is no budget for purchasingnew computer systems this quarter."Human Resources Manager "Our PeopleSoft systems run on UNIX, and you cannot change that."

Creating a logical authentication design does not always mean standardizing on a single authentication protocol.
Strengthening authentication processes requires knowledge of the protocol, its weaknesses, and how its weaknesses can be mitigated.

Forest trusts provide a way of quickly opening access between two forests without having to create multiple trust relationships.
External trusts and forest trusts can be restricted by using: Q Selective authentication Q TopLevelExclusion Q Disabling domain info records
To design a strong password policy, you must consider the impact of each setting on the overall password policy.
To implement a strong password policy, you must use more than technical controls.
Exam Highlights
Before taking the exam, review these free CompTIA questionskey points and terms. You need to know this information.