3.7.5 Multi-Factor Authentication to Establish Non-Local Maintenance Sessions Guides DFARS FAQ Q49 SANS Institute – Two-Factor Authentication (2FA) using OpenOTP Example Tools Remote Authentication Dial-In User Service (RADIUS)...
3.5.2 Authenticate Identities of Users, Processes or Devices Guides SANS Institute – An Overview of Different Authentication Methods and Protocols (DRAFT) NIST SP 80063B Digital Identity Guidelines –...
3.5.3 Multi-Factor Authentication Guides SANS Institute – Two-Factor Authentication: Can You Choose the Right One? Schneier on Security – More on Two-Factor Authentication...
3.5.4 Replay-Resistant Authentication for Accounts Guides Tufts University – Replay Attack Vulnerabilities and Mitigation Strategies Federal Identity, Credential, & Access Management – Approved Products List...
3.5.5 Prevent Reuse of Identifiers for Defined Period Guides Installing CA Identity Suite Virtual Appliance Example Tools CA Technologies Identity Suite Sailpoint IdentityIQ Sample Policy & Procedures NIST...
3.5.7 Enforce Minimum Password Complexity Sample Policy & Procedures Password Complexity Requirement Reference Guide for Windows Videos BrightTALK – Password Management YouTube – Enforce Password...
3.5.8 Prohibit Password Reuse Vendor Documentation Password Reuse – Overcome the Vulnerability Videos Password Reuse in the Enterprise Guides NIST Password Guidelines
3.5.10 Store & Transmit Encrypted Representation of Passwords Guides Serious Security: How to store your users’ passwords safely Example Tools Safe Password Hashing for PHP L0Phtcrack7 Passcape Windows...
3.8.1 Protect Information System Media Containing CUI Vendor Documentation Iron Mountain Example Tools Tape Backup – Offsite Tape Vaulting Exostar Digital Rights Management for Digital Content
3.8.3 Sanitize or Destroy System Media Containing CUI Guides NIST SP 800-88 – Guidelines for Media Sanitization National Security Agency / Central Security Service Policy Manual 9-12 Storage...