3.5.3 Multi-Factor Authentication Guides SANS Institute – Two-Factor Authentication: Can You Choose the Right One? Schneier on Security – More on Two-Factor Authentication...
3.5.4 Replay-Resistant Authentication for Accounts Guides Tufts University – Replay Attack Vulnerabilities and Mitigation Strategies Federal Identity, Credential, & Access Management – Approved Products List...
3.5.5 Prevent Reuse of Identifiers for Defined Period Guides Installing CA Identity Suite Virtual Appliance Example Tools CA Technologies Identity Suite SailPoint IdentityIQ Sample Policy & Procedures NIST...
3.5.7 Enforce Minimum Password Complexity Sample Policy & Procedures Password Complexity Requirement Reference Guide for Windows Videos BrightTALK – Password Management YouTube – Enforce Password...
3.5.8 Prohibit Password Reuse Vendor Documentation Password Reuse – Overcome the Vulnerability Videos Password Reuse in the Enterprise Guides NIST Password Guidelines
3.5.10 Store & Transmit Encrypted Representation of Passwords Guides Serious Security: How to store your users’ passwords safely Example Tools Safe Password Hashing for PHP L0phtCrack 7 Passcape Windows...
3.8.1 Protect Information System Media Containing CUI Vendor Documentation Iron Mountain Example Tools Tape Backup – Offsite Tape Vaulting Exostar Digital Rights Management for Digital Content
3.8.3 Sanitize or Destroy System Media Containing CUI Guides NIST SP 800-88 – Guidelines for Media Sanitization National Security Agency / Central Security Service Policy Manual 9-12 Storage...
3.8.7 Control use of Removable Media on System Components Guides SANS Institute – Ubiquitous Security Backdoor (USB) Additional Lessons Learned US-CERT – The Risks of Using Portable Devices Sample...
3.9.2 Ensure CUI & Organizational Systems are Protected Guides NIST SP 800-14 – Generally Accepted Principles and Practices for Securing Information Technology Systems Example Tools Enterprise Data Loss...