Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Certified Information Security Manager Exam Prep Guide

You're reading from   Certified Information Security Manager Exam Prep Guide Aligned with the latest edition of the CISM Review Manual to help you pass the exam with confidence

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781801074100
Length 616 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Hemang Doshi Hemang Doshi
Author Profile Icon Hemang Doshi
Hemang Doshi
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Information Security Governance
2. Chapter 1: Information Security Governance FREE CHAPTER 3. Chapter 2: Practical Aspects of Information Security Governance 4. Section 2: Information Risk Management
5. Chapter 3: Overview of Information Risk Management 6. Chapter 4: Practical Aspects of Information Risk Management 7. Chapter 5: Procedural Aspects of Information Risk Management 8. Section 3: Information Security Program Development Management
9. Chapter 6: Overview of Information Security Program Development Management 10. Chapter 7: Information Security Infrastructure and Architecture 11. Chapter 8: Practical Aspects of Information Security Program Development Management 12. Chapter 9: Information Security Monitoring Tools and Techniques 13. Section 4: Information Security Incident Management
14. Chapter 10: Overview of Information Security Incident Manager 15. Chapter 11: Practical Aspects of Information Security Incident Management 16. Other Books You May Enjoy

Factors of authentication

There are three authentication factors that can be used for granting access:

  • Something you know: For example, a password, PIN, or some other personal information
  • Something you have: For example, a token, one-time password, or smart card
  • Something you are: For example, biometric features, such as a fingerprint, iris scan, or voice recognition

Similarly, two-factor authentication means the use of two authentication methods from the preceding list. For critical systems, it is advisable to use more than one factor of authentication for granting access. The following illustration indicates the implementation of two-factor authentication in a lighthearted way:

Figure 7.2 – Two-factor authentication

From the user's perspective, two-factor authentication will require additional effort, and therefore the security manager should strike a balance between ease of access and control.

Password...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime