1. Define and explain the process of Kerberos.
A: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. It has the following characteristics: It is secure; it never sends a password unless it is encrypted.
2. Identify two written password policies that you find to be the most important. Explain why you chose those two.
A: Passwords should be unique and cannot include common words, reserved words, or account usernames. Passwords should be between 8 and 30 characters, but can be as long as 128 characters. These two are extremely important because they make sure the password the user chooses isn't simple, and that it stays unique and complicated, making it more difficult to hack.
3. Identify at least five best practices when adding and removing a user.
A: Adding users: Save user passwords in encrypted files; enforce strong password policies to keep the database safe; change the default passwords of a new user; and, before providing access, ensure that the user reads, receives, and agrees to the organization's policies.
Removing users: Before removing a user, perform a careful inventory of the user's created objects; back up the user account; disable the user account whenever possible; and always document the removal of database user accounts.
4. Explain the principle of least privilege and how it should be applied with a database