123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Writing >> View Article

Options For Managing The Need For Multiple Policies

Profile Picture
By Author: amandda
Total Articles: 60
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

You can have only one password policy per domain. Many times you need more. Within any organizations there are areas of MCTS Certificationsensitivity that require more security than others. The users who access data in these areas should use stronger passwords than most other users. There are also accounts that hold more privileged access rights: administrator accounts, privileged accounts, and accounts with delegated permissions. These privileged accounts should use stronger passwords too. Your work in discovering the organization's culture and the nature of its business might have brought these needs to your attention. Unfortunately, there is no technical control that will allow you to create separate password policies for individual accounts or groups within a domain or to vary the policy by OU. You cannot, for example, use the password policy to require administrators to use 15-character passwords without requiring everyone in the domain to do so as well. You can choose one of the following two options for managing the need for multiple password policies:

Create multiple domains. ...
... Within each domain, a separate password policy can be created. This should have been considered when the Active Directory structure was being defined. If it has been, create the appropriate policy for each domain.

Extend the password policy beyond its technical controls and require users who should be using a strong password, changing it more frequently, or guarding it more strongly to do so. This option must either be enforced by a third-party product, custom-developed code, or audit. Third-party products might include moving away from the use of passwords as Windows Vista examauthentication credentials.

Consider using correct auditing techniques or ways to review the information.
Q Using correct techniques can counter the negative effects of massive logs. When events are filtered according to their importance, critical events are easily discernible.
Q In addition, while reviewing large amounts of ordinary activity is often fruit-less, examining the trends shown in the collected information can be valuable. If knowledge of what is ordinary exists, the abnormal can trigger further investigation. What, for example, is the meaning of a sudden large increase in revocation? Or in certificate request denial? These trends are not observable via simple viewing of the CA console.
Write a security log review process. Collection of records is an exercise in futility if records are not reviewed.
Before CA-specific auditing events will be recorded, object auditing must be turned on in the Audit Policy portion of Group Policy. Consider where this should be done. The offline root CA will require object auditing to be turned on to capture local information. The other CAs should be placed in a designated OU so that the entire security baseline for CAs can be easily applied. A GPO can be linked to this OU, and the GPO's audit policy can be set to audit object access for success and failure.
See Also Careful consideration of the meaning of events will enable the development of the best audit design for each CA implementation. For more information about designing free CompTIA exam questionsaudits in general, see Chapter 9.

Total Views: 190Word Count: 505See All articles From Author

Add Comment

Writing Articles

1. Enhancing The Essay Writing Process
Author: Creighton Lyon

2. Cnc Machine Tools Precision Solutions For Modern Manufacturing
Author: Blocktobox

3. Claims Of Racism And Intimidation In Gmc's Actions Against Accuvision Clinic
Author: Wilfred

4. Housing Esa Letter: 5 Key Facts You Must Know
Author: Justin Foley

5. Elevating Accessibility: Streamlining Subtitle Creation For Youtube Creators
Author: Janice Chow

6. Shower Curtains For Hotels
Author: Richard

7. Google Flights Leverages Amtrak Data To Boost Sustainable Transport Decisions Amid Green Initiative Push
Author: jamescolin

8. Academic Guru: A Leading Thesis And Dissertation Writing Service Provider
Author: Nitesh

9. Cipher Publisher: A Leading Name In Self-publishing Excellence
Author: Nitesh

10. Ag Publishing House: A Leading Self-book Publishing House
Author: Nitesh

11. Discover The Personality And Characteristics Of Men Based On Their Zodiac Signs
Author: astrosir

12. Top Revenue Cycle Management Software Solutions To Streamline Your Practice's Financial Health
Author: Pawan shukla

13. Discover The Haunted Places In Las Vegas: Where The Paranormal Meets The Strip
Author: Horror Insider

14. The Natural Wonders Of Maria Island: A Scenic Cruise Adventure
Author: Scarlettstark

15. Stress-free, Fun-filled Sydney Cruises That Make Your Year-end Celebration Truly Special!
Author: Scarlettstark

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: