Multifactor authentication (MFA) to an information system, as described by The DoD, uses two or more methods of authentication involving something you know (e.g., password); something you have (e.g., a One-Time Password (OTP) generating device like a fob, smart-card,...
Authenticators include passwords, cryptographic devices, biometrics, certificates, one-time password devices, and ID badges. Device authenticators include certificates and passwords. Initial authenticator content is the actual content of the authenticator (e.g., the...
The Department of Homeland Security states that web content filtering (WCF) provides protection at the application layer for web traffic by blocking access to suspicious websites, preventing malware from running on systems and networks, and detecting and blocking...
NIST defines perimeter hardening as the monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications, using boundary protection devices (e.g. gateways, routers,...
NIST defines patch management as the systematic notification, identification, deployment, installation, and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs. (Source) The need...
Organizations provide basic and advanced levels of literacy training to system users, including measures to test the knowledge level of users. Organizations determine the content of literacy training and awareness based on specific organizational requirements, the...
