โ Scribed by Miles Clement
No coin nor oath required. For personal study only.
The first control areas were discussed in the previous article. In this second part we focus on the last five: network configuration, network traffic filtering, system integrity protection, back up and asset protection.
Most endpoint devices are connected to a network, which tends to be a standard vector for attacks against the endpoint. Personal firewalls have become a standard control in this area. Another control that has been available for a while, but not widely used, is authentication of the connecting devices. Most major operating systems now support mutual authentication between endpoint devices and servers.
Typically, device authentication relies on certificates. This requires the organisation to establish a PKI to issue and manage certificates. Each endpoint device and server that will be authenticated needs to be issued the certificate.
So how does mutual authentication of devices work? The following simplified process illustrates how the mutual authentication takes place.
๐ SIMILAR VOLUMES
## Abstract This chapter provides a framework for the volume by discussing ways that legislative mandates affect higher education institutions with regard to homeland security and the resulting cultural changes necessary at postsecondary institutions.