Information Security and Assurance - C725 - final Study


Defense in Depth

A defense that uses multiple types of security devices to protect a network. Also called layered security. This security is implemented in overlapping layers that provide the three elements needed to secure assets: prevention, detection, and response. Defense in depth also seeks to offset the weaknesses of one security layer by the strengths of two or more layers.

digital certificate

A digital certificate binds the identity of an individual to a key pair. A digital certificate is an electronic credit card that establishes an individual's credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains the name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. A digital signature is a message digest that is encrypted using the sender's private key.

Qualitative risk analysis

A qualitative analysis assigns real dollar figures to the loss of an asset. It includes judgment, intuition, and experience. It enables an individual to identify the potential risks, and the assets and resources that are vulnerable to these risks. It depends more on scenarios than on calculations. It requires guesswork, makes use of opinions, and provides useful and meaningful results. Qualitative risk analysis does not support automation; automation is supported by quantitative risk analysis.

Message Digest

A small representation of a larger message. Message digests are used to ensure the authentication and integrity of information, not the confidentiality. The main disadvantage of message digests is that the timestamp can be modified. During the course of a forensic investigation, the last access time for a file is changed when a message digest is created on the data collected. Message digests are necessary to ensure that the evidence is not tampered with during the course of the investigation. A logging timestamp is changed due to a transaction taking place and overwrites the timestamp of the incident that originally occurred. A message digest is a fixed output created by using a one-way hash function. A message digest is created from a variable set of input and is also referred to as a checksum. A message digest is helpful in detecting whether any change is made to the records during the course of the chain of custody. The message digest is expected to be smaller than the original data string. Message digests do not provide stringent authentication; they deal with the integrity of information. Message digests do not contribute to either a higher processing time or a slower access time.

Symmetric Encryption

An encryption method in which the same key is used to encrypt and decrypt a message. Also known as private-key encryption. A symmetric algorithm generates a secret key that is used for bulk encryption and decryption of data.

four steps of the business continuity planning process

Business continuity planning involves four distinct phases: project scope and planning, business impact assessment, continuity planning, and approval and implementation.

Control Objectives for Information and Related Technology (COBIT)

COBIT is an initiative from the Information Systems Audit and Control Association (ISACA) and is preferred among IT auditors. COBIT 5 is based on five key principles for governance and management of enterprise IT:
Principle 1: Meeting Stakeholder Needs
Principle 2: Covering the Enterprise End-to-End
Principle 3: Applying a Single, Integrated Framework
Principle 4: Enabling a Holistic Approach
Principle 5: Separating Governance From Management
COBIT is used not only to plan the IT security of an organization but also as a guideline for auditors. COBIT is a widely recognized and respected security control framework.

Who Is Responsible for Security

Chief information security officer (CISO): Establishes and maintains security and risk-management programs for information resources.
Information resources manager: Maintains policies and procedures that provide for security and risk management of information resources.
Information resources security officer: Directs policies and procedures designed to protect information resources (identifies vulnerabilities, develops security awareness program, and so forth).
Owners of information resources: Have the responsibility of carrying out the program that uses the resources. This does not imply personal ownership. These individuals might be regarded as program managers or delegates for the owner.
Custodians of information resources: Provide technical facilities, data processing, and other support services to owners and users of information resources.
Technical managers (network and system administrators): Provide technical support for security of information resources.
Internal auditors: Conduct periodic risk-based reviews of information resources security policies and procedures.
Users: Have access to information resources in accordance with the owner-defined controls and access rules.

best represents the three objectives of information security

Confidentiality, integrity, and availability

Due Care and Due Diligence

Due care is using reasonable care to protect the interests of an organization. Due diligence is practicing the activities that maintain the due care effort.

OSI model eight security mechanisms

Encipherment: The conversion of plain-text messages into ciphers or encoded messages that only the person with the cipher key can unlock.
Digital signature: In general, the use of public and private key encryption that allows the sender to encrypt a message and the intended recipient to decrypt the message.
Access control: See the earlier description.
Data integrity: See the earlier description.
Authentication: See the earlier description.
Traffic padding: The technique by which spurious data is generated to disguise the amount of real data being sent, thus making data analysis or decryption more difficult for the attacker.
Routing control: The Internet has routes between networks. When a network drops, the routing control processor determines in real time the optimal path, to reduce downtime.
Notarization: Digital notarizations, the counterpart to the paper notary, prove that electronic files have not been altered after they were digitally notarized. (See Lesson 11, "Cryptography," for more information on digital signatures.)

Computer Security Depends on Two Types of Requirements

Functional requirements describe what a system should do. Assurance requirements describe how functional requirements should be implemented and tested. Both sets of requirements are needed to answer the following questions: Does the system do the right things (behave as promised)? Does the system do the right things in the right way?

Understand the public key infrastructure (PKI)

In the public key infrastructure, certificate authorities (CAs) generate digital certificates containing the public keys of system users. Users then distribute these certificates to people with whom they want to communicate. Certificate recipients verify a certificate using the CA's public key.

OSI Model Layers

Physical layer (layer 1) transmits bit streams on a physical medium. It manages the interfaces of physical devices with physical transmission media, such as coax cable. This layer has the fewest tasks to perform. It sends bit streams across the network to another device and receives a bit stream response in return. The High Speed Serial Interface (HSSI) is one example of a standard interface working at the Physical Layer level.

Data Link layer (layer 2) transfers units of information to the other end of the physical link. Protocols at this level establish communication links between devices over a physical link (physical devices) or channel, converting data into bit streams for delivery to the lowest layer, the Physical Layer. 802.11 wireless LANs operate at Layer 2 and Layer 1.

Network layer (layer 3) decides how small bundles, or packets, of data are routed between destination systems on the same network or interconnected networks. Routers and bridge routers (brouters) are among the network hardware devices that function at layer 3.

Network (Internet) Layer protocols:
Internet Protocol (IP): The protocol of protocols. IP addresses are assigned by the Internet Assigned Numbers Authority to each host computer on the network. This serves as a logical ID. The IP address assists with the routing of information across the Internet. Outgoing data packets have the originator's IP address and the IP address of the recipient.
Address Resolution Protocol (ARP): ARP matches an IP address to an Ethernet address, which is a physical device (network adapter) that has a unique media access control (MAC) address assigned by the manufacturer of the device. MAC addresses are much longer numbers than IP addresses, and humans tend to work better with IP addresses than with MAC addresses. Thus, ARP and RARP (covered next) exist to help with network addressing tasks.
Reverse Address Resolution Protocol (RARP): If ARP translates an IP address to a MAC address, then RARP translates hardware interface (MAC) addresses to IP protocol addresses.
Internet Control Message Protocol (ICMP): ICMP is tightly integrated with the IP protocol. Some of its functions include announcing network errors and congestion, troubleshooting, and reporting timeouts. ICMP is the management protocol for TCP/IP and is often the source of security issues; network hackers use it to select targets and determine network-level information about these targets. For example, the common ping command, used to determine whether an IP or host name is online, is an ICMP command.

Transport layer (layer 4): Protocols at this level provide the point-to-point integrity of data transmissions. They determine how to address the other computer, establish communication links, handle the networking of messages, and generally control the session. The Transmission Control Protocol (TCP) operates at this level. TCP allows two computers to connect with each other and exchange streams of data while guaranteeing delivery of the data and maintaining it in the same order. Although the context of communications works at the higher layers of the protocol stack, the transport of this context over the network occurs at Layer 4.

Transport Layer (host-to-host) protocols:
Transmission Control Protocol (TCP): TCP is a reliable service that maintains the proper sequence of incoming packets and acknowledges receipt to the user.
User Datagram Protocol (UDP): UDP is a less robust version of TCP. It does not acknowledge receipt of packets and is a connectionless and less reliable service. Its advantage over TCP is its faster speed and lower overhead.

Session layer (layer 5) is responsible for establishing, maintaining, and terminating communication sessions between two computers. When you request information about your checking account balance from your bank's web application, the Session Layer makes the initial contact with the host computer, formats the data you are sending for transmission, establishes the necessary communication links, and handles recovery and restart functions.

Presentation layer (layer 6) translates or "presents" data to the Application Layer. Data encryption and decryption occur in this layer along with data translation. Whenever you view a photograph in JPEG format on the Internet, watch a video someone has sent you in MPEG format, or listen to an MP3 file, you are interacting with OSI Presentation Layer protocol services.

Application layer (layer 7) is called the data stream. It is the highest layer in the stack and the one most directly related to the computer user. It provides several application services, such as file transfer, resource allocation, and the identification and verification of computer availability. Each time you send an email, you are invoking protocols at the Application Layer level.

Three Types of Security Controls

Preventative, Detective, and Responsive. Controls (such as documented processes) and countermeasures (such as firewalls) must be implemented as one or more of these three types, or they are not there for the purposes of security. Shown in another triad, the principle of defense in depth dictates that a security mechanism serve a purpose by preventing a compromise, detecting that a compromise or compromise attempt is underway, or responding to a compromise while it's happening or after it has been discovered.

Four Types of Policies

Program-level policy is used for creating a management-sponsored computer security program. A program-level policy, at the highest level, might prescribe the need for information security and can delegate the creation and management of the program to a role within the IT department. Think of this as the mission statement for the IT security program.
Program-framework policy establishes the overall approach to computer security (as a computer security framework). A framework policy adds detail to the program by describing the elements and organization of the program and department that will carry out the security mission.
Issue-specific policy addresses specific issues of concern to the organization. These issues could be regulatory in nature—for example, the Payment Card Industry (PCI) data security standard, Sarbanes-Oxley (SOX), or the Gramm-Leach-Bliley Act (GLBA), to name a few.
System-specific policy focuses on policy issues that management has decided for a specific system.

RSA public key cryptosystems

RSA is the most famous public key cryptosystem; it was developed by Rivest, Shamir, and Adleman in 1977. It depends on the difficulty of factoring the product of prime numbers. El Gamal is an extension of the Diffie-Hellman key exchange algorithm that depends on modular arithmetic. The elliptic curve algorithm depends on the elliptic curve discrete logarithm problem and provides more security than other algorithms when both are used with keys of the same length.

Organizational Roles and Responsibilities

Senior Manager: The organizational owner (senior manager) role is assigned to the person who is ultimately responsible for the security maintained by an organization and who should be most concerned about the protection of its assets. The senior manager must sign off on all policy issues. In fact, all activities must be approved by and signed off on by the senior manager before they can be carried out. There is no effective security policy if the senior manager does not authorize and support it. The senior manager's endorsement of the security policy indicates the accepted ownership of the implemented security within the organization. The senior manager is the person who will be held liable for the overall success or failure of a security solution and is responsible for exercising due care and due diligence in establishing security for an organization. Even though senior managers are ultimately responsible for security, they rarely implement security solutions. In most cases, that responsibility is delegated to security professionals within the organization.
Security Professional: The security professional, information security (InfoSec) officer, or computer incident response team (CIRT) role is assigned to a trained and experienced network, systems, and security engineer who is responsible for following the directives mandated by senior management. The security professional has the functional responsibility for security, including writing the security policy and implementing it. The role of security professional can be labeled as an IS/IT function role. The security professional role is often filled by a team that is responsible for designing and implementing security solutions based on the approved security policy. Security professionals are not decision makers; they are implementers. All decisions must be left to the senior manager.
Data Owner: The data owner role is assigned to the person who is responsible for classifying information for placement and protection within the security solution. The data owner is typically a high-level manager who is ultimately responsible for data protection. However, the data owner usually delegates the responsibility of the actual data management tasks to a data custodian.
Data Custodian: The data custodian role is assigned to the user who is responsible for the tasks of implementing the prescribed protection defined by the security policy and senior management. The data custodian performs all activities necessary to provide adequate protection for the CIA Triad (confidentiality, integrity, and availability) of data and to fulfill the requirements and responsibilities delegated from upper management. These activities can include performing and testing backups, validating data integrity, deploying security solutions, and managing data storage based on classification.
User: The user (end user or operator) role is assigned to any person who has access to the secured system. A user's access is tied to their work tasks and is limited so they have only enough access to perform the tasks necessary for their job position (the principle of least privilege). Users are responsible for understanding and upholding the security policy of an organization by following prescribed operational procedures and operating within defined security parameters.
Auditor: An auditor is responsible for reviewing and verifying that the security policy is properly implemented and the derived security solutions are adequate. The auditor role may be assigned to a security professional or a trained user. The auditor produces compliance and effectiveness reports that are reviewed by the senior manager. Issues discovered through these reports are transformed into new directives assigned by the senior manager to security professionals or data custodians. However, the auditor is listed as the final role because the auditor needs a source of activity (that is, users or operators working in an environment) to audit or monitor.

STRIDE threat model

Spoofing: An attack with the goal of gaining access to a target system through the use of a falsified identity. Spoofing can be used against Internet Protocol (IP) addresses, MAC addresses, usernames, system names, wireless network service set identifiers (SSIDs), email addresses, and many other types of logical identification. When an attacker spoofs their identity as a valid or authorized entity, they are often able to bypass filters and blockades against unauthorized access. Once a spoofing attack has successfully granted an attacker access to a target system, subsequent attacks of abuse, data theft, or privilege escalation can be initiated.
Tampering: Any action resulting in unauthorized changes or manipulation of data, whether in transit or in storage. Tampering is used to falsify communications or alter static information. Such attacks are a violation of integrity as well as availability.
Repudiation: The ability of a user or attacker to deny having performed an action or activity. Often attackers engage in repudiation attacks in order to maintain plausible deniability so as not to be held accountable for their actions. Repudiation attacks can also result in innocent third parties being blamed for security violations.
Information disclosure: The revelation or distribution of private, confidential, or controlled information to external or unauthorized entities. This could include customer identity information, financial information, or proprietary business operation details. Information disclosure can take advantage of system design and implementation mistakes, such as failing to remove debugging code, leaving sample applications and accounts, not sanitizing programming notes from client-visible content (such as comments in Hypertext Markup Language (HTML) documents), using hidden form fields, or allowing overly detailed error messages to be shown to users.
Denial of service (DoS): An attack that attempts to prevent authorized use of a resource. This can be done through flaw exploitation, connection overloading, or traffic flooding. A DoS attack does not necessarily result in full interruption to a resource; it could instead reduce throughput or introduce latency in order to hamper productive use of a resource. Although most DoS attacks are temporary and last only as long as the attacker maintains the onslaught, there are some permanent DoS attacks. A permanent DoS attack might involve the destruction of a dataset, the replacement of software with malicious alternatives, or forcing a firmware flash operation that could be interrupted or that installs faulty firmware. Any of these DoS attacks would render a permanently damaged system that is not able to be restored to normal operation with a simple reboot or by waiting out the attackers. A full system repair and backup restoration would be required to recover from a permanent DoS attack.
Elevation of privilege: An attack where a limited user account is transformed into an account with greater privileges, powers, and access. This might be accomplished through theft or exploitation of the credentials of a higher-level account, such as that of an administrator or root. It also might be accomplished through a system or application exploit that temporarily or permanently grants additional powers to an otherwise limited account.

Process for Attack Simulation and Threat Analysis (PASTA)

Stage I: Definition of the Objectives (DO) for the Analysis of Risks
Stage II: Definition of the Technical Scope (DTS)
Stage III: Application Decomposition and Analysis (ADA)
Stage IV: Threat Analysis (TA)
Stage V: Weakness and Vulnerability Analysis (WVA)
Stage VI: Attack Modeling & Simulation (AMS)
Stage VII: Risk Analysis & Management (RAM)

formalized security policy structure

Standards define compulsory requirements for the homogenous use of hardware, software, technology, and security controls. They provide a course of action by which technology and procedures are uniformly implemented throughout an organization. A baseline defines a minimum level of security that every system throughout the organization must meet. All systems not complying with the baseline should be taken out of production until they can be brought up to the baseline. The baseline establishes a common foundational secure state on which all additional and more stringent security measures can be built. A guideline offers recommendations on how standards and baselines are implemented and serves as an operational guide for both security professionals and users. Guidelines are flexible so they can be customized for each unique system or condition and can be used in the creation of new procedures. A procedure or standard operating procedure (SOP) is a detailed, step-by-step how-to document that describes the exact actions necessary to implement a specific security mechanism, control, or solution.

security management planning team should develop three types of plans

Strategic Plan: A strategic plan is a long-term plan that is fairly stable. It defines the organization's security purpose. It also helps to understand security function and align it to the goals, mission, and objectives of the organization. It's useful for about five years if it is maintained and updated annually. The strategic plan also serves as the planning horizon. Long-term goals and visions for the future are discussed in a strategic plan. A strategic plan should include a risk assessment.
Tactical Plan: The tactical plan is a midterm plan developed to provide more details on accomplishing the goals set forth in the strategic plan or can be crafted ad hoc based upon unpredicted events. A tactical plan is typically useful for about a year and often prescribes and schedules the tasks necessary to accomplish organizational goals. Some examples of tactical plans are project plans, acquisition plans, hiring plans, budget plans, maintenance plans, support plans, and system development plans.
Operational Plan: An operational plan is a short-term, highly detailed plan based on the strategic and tactical plans. It is valid or useful only for a short time. Operational plans must be updated often (such as monthly or quarterly) to retain compliance with tactical plans. Operational plans spell out how to accomplish the various goals of the organization. They include resource allotments, budgetary requirements, staffing assignments, scheduling, and step-by-step or implementation procedures. Operational plans include details on how the implementation processes are in compliance with the organization's security policy. Examples of operational plans are training plans, system deployment plans, and product design plans.

Be familiar with the major hashing algorithms.

The successors to the Secure Hash Algorithm (SHA), SHA-1 and SHA-2, make up the government standard message digest function. SHA-1 produces a 160-bit message digest whereas SHA-2 supports variable lengths, ranging up to 512 bits. SHA-3 improves upon the security of SHA-2 and supports the same hash lengths.

Threat modeling

Threat modeling is the security process where potential threats are identified, categorized, and analyzed. Threat modeling can be performed as a proactive measure during design and development or as a reactive measure once a product has been deployed. In either case, the process identifies the potential harm, the probability of occurrence, the priority of concern, and the means to eradicate or reduce the threat. A proactive approach to threat modeling takes place during the early stages of systems development, specifically during initial design and specifications establishment. This type of threat modeling is also known as a defensive approach. This method is based on predicting threats and designing in specific defenses during the coding and crafting process, rather than relying on post-deployment updates and patches. A reactive approach to threat modeling takes place after a product has been created and deployed. This deployment could be in a test or laboratory environment or to the general marketplace. This type of threat modeling is also known as the adversarial approach. This technique of threat modeling is the core concept behind ethical hacking, penetration testing, source code review, and fuzz testing.

Understand how digital signatures are generated and verified.

To digitally sign a message, first use a hashing function to generate a message digest. Then encrypt the digest with your private key. To verify the digital signature on a message, decrypt the signature with the sender's public key and then compare the message digest to one you generate yourself. If they match, the message is authentic.

Quantitative Risk Analysis

Uses a mathematical approach to analyze the probability that risks will occur and the impact that risks have on the project. This information enables the risks to be prioritized.
Exposure factor (EF): It is defined as the percentage of loss experienced by an organization when a particular asset is violated by a realized risk.
Single loss expectancy (SLE): It is defined as the cost related to a single realized risk against a particular asset. The following formula is used to calculate the SLE: SLE = asset value (AV) * exposure factor (EF)
Annualized rate of occurrence (ARO): It is defined as the expected frequency of occurrence of a particular threat or risk in a single year.
Annualized loss expectancy (ALE): It is defined as the yearly cost of all instances of a particular threat against a particular asset. The following formula is used to calculate the ALE: ALE = single loss expectancy (SLE) * annualized rate of occurrence (ARO)
The six major steps or phases in quantitative risk analysis are as follows:
1. Inventory assets, and assign a value (asset value, or AV). (Asset value is detailed further in a later section of this lesson named "Asset Valuation.")
2. Research each asset, and produce a list of all possible threats of each individual asset. For each listed threat, calculate the exposure factor (EF) or loss potential and single loss expectancy (SLE).
3. Perform a threat analysis to calculate the likelihood of each threat being realized within a single year—that is, the annualized rate of occurrence (ARO).
4. Derive the overall loss potential per threat by calculating the annualized loss expectancy (ALE).
5. Research countermeasures for each threat, and then calculate the changes to ARO and ALE based on an applied countermeasure.
6. Perform a cost/benefit analysis of each countermeasure for each threat for each asset. Select the most appropriate response to each threat.

Know how cryptographic salts improve the security of password hashing

When straightforward hashing is used to store passwords in a password file, attackers may use rainbow tables of precomputed values to identify commonly used passwords. Adding salts to the passwords before hashing them reduces the effectiveness of rainbow table attacks. Common password hashing algorithms that use key stretching to further increase the difficulty of attack include PBKDF2, bcrypt, and scrypt.

Standards Taxonomy

are formal written documents that describe several security concepts that are fundamental to all successful programs. The highest level includes the following:
Asset and data classification
Separation of duties
Pre-employment hiring practices
Risk analysis and management
Education, awareness, and training

Operations Security

covers the kind of operational procedures and tools that eliminate or reduce the capability to exploit critical information. It includes defining the controls over media, hardware, and operators with special systems privileges.

two of the tools security specialists use to protect information systems

cryptography and firewalls

Security Policies

is a document that defines the scope of security needed by the organization and discusses the assets that require protection and the extent to which security solutions should go to provide the necessary protection. The security policy is an overview or generalization of an organization's security needs. It defines the main security objectives and outlines the security framework of an organization.

Defense in depth is needed to ensure that which three mandatory activities are present in a security system?

is implemented in overlapping layers that provide the three elements needed to secure assets: prevention, detection, and response.

chief security officer (CSO) or information security officer (ISO)

is sometimes used as an alternative to CISO, but in many organizations the CSO position is a subposition under the CISO that focuses on physical security. Another potential term for the CISO is information security officer (ISO), but this also can be used as a subposition under the CISO.

single loss expectancy (SLE)

is the monetary loss that is expected each time the risk materializes. You can compute the SLE using the following formula: SLE = AV x EF

Performing Reduction Analysis

Reduction analysis is also known as decomposing the application, system, or environment. The purpose of this task is to gain a greater understanding of the logic of the product as well as its interactions with external elements. In the decomposition process, you must identify five key concepts:
Trust Boundaries: Any location where the level of trust or security changes
Data Flow Paths: The movement of data between locations
Input Points: Locations where external input is received
Privileged Operations: Any activity that requires greater privileges than those of a standard user account or process, typically required to make system changes or alter security
Details about Security Stance and Approach: The declaration of the security policy, security foundations, and security assumptions

three overall categories of security policies:

regulatory, advisory, and informative. A regulatory policy is required whenever industry or legal standards are applicable to your organization. This policy discusses the regulations that must be followed and outlines the procedures that should be used to elicit compliance. An advisory policy discusses behaviors and activities that are acceptable and defines consequences of violations. It explains senior management's desires for security and compliance within an organization. Most policies are advisory. An informative policy is designed to provide information or knowledge about a specific subject, such as company goals, mission statements, or how the organization interacts with partners and customers. An informative policy provides support, research, or background information relevant to the specific elements of the overall policy.

CIA Triad

these goals form the confidentiality, integrity, availability (CIA) triad, the basis of all security programs. Confidentiality is sometimes referred to as the principle of least privilege, meaning that users should be given only enough privilege to perform their duties, and no more. Some other synonyms for confidentiality you might encounter include privacy, secrecy, and discretion. Confidentiality models are primarily intended to ensure that no unauthorized access to information is permitted and that accidental disclosure of sensitive information is not possible. Common confidentiality controls are user IDs and passwords. Integrity is the concept of protecting the reliability and correctness of data. Integrity protection prevents unauthorized alterations of data. It ensures that data remains correct, unaltered, and preserved. Properly implemented integrity protection provides a means for authorized changes while protecting against intended and malicious unauthorized activities (such as viruses and intrusions) as well as mistakes made by authorized users (such as mistakes or oversights). Availability means authorized subjects are granted timely and uninterrupted access to objects. Often, availability protection controls support sufficient bandwidth and timeliness of processing as deemed necessary by the organization or situation. If a security mechanism offers availability, it offers a high level of assurance that the data, objects, and resources are accessible to authorized subjects. Availability includes efficient uninterrupted access to objects and prevention of denial-of-service (DoS) attacks. Availability also implies that the supporting infrastructure—including network services, communications, and access control mechanisms—is functional and allows authorized users to gain authorized access. Availability depends on both integrity and confidentiality. Without integrity and confidentiality, availability cannot be maintained.

Asymmetric encryption

Two keys are used: one key encodes the message, and the other key decodes the message. Asymmetric algorithms are slow, complex, intensive, and require added system resources and extra time to encrypt and decrypt the data. Therefore, asymmetric algorithms are used to generate public and private keys that protect encryption keys, such as session keys and secret keys, and are responsible for automated key distribution.

Password strength

Use a combination of letters, numbers, and symbols. Don't use common phrases.

