You have to read the attached file to understanding. Please go over the attached file. It will explain you what Authentication is for first discussion board. You also have to read that file to understand what’s Access Control and Authorization is for Second Discussion board. That attached file will help to understand the concept behind this discussion board.
1. First Discussion Board
- Information Systems need strong security controls to ensure users and data are protected to meet the CIA Triad. The security requirements listed in FIPS 200 (Minimum Security Requirements for Federal Information and Information Systems) include Identification and Authentication. Systems users, processes/applications, and devices must be identified and verified prior to their access to organizational resources.
- Authentication is the verification of credentials to confirm the user or other entity is valid. Verification of systems users and processes delegated by users is essential as well as limiting functions and actions a user is permitted to perform within the system. Research best practices and approaches to properly authenticate a user for access to a system resource. Select at least two specific techniques(e.g. password authentication, two factor authentication, biometrics,…) and describe the technique along with the strengths and limitations. Respond to other student posts providing additional insights, feedback and/or examples as applicable.
2. Second Discussion board:
Access Control and Authorization Discussion
Describe access control mechanisms in place to protect files on an enterprise system. Specifically, drill down to permissions associated with read, write, modify, delete, or change ownership as applicable. Consider how roles and groups may enhance the administration and enforcement of access control policies.
Engage with at least one other colleague by responding to their posts with additional information, feedback and examples as applicable.