Page 624 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 624

delays between access attempts as a greater number of authentication
               failures occur. Some devices allow for a set number of attempts (such

               as three) before triggering a lockout that lasts minutes. Other devices
               trigger a persistent lockout and require the use of a different account
               or master password/code to regain access to the device.


               Screen Locks

               A screen lock is designed to prevent someone from casually picking up
               and being able to use your phone or mobile device. However, most
               screen locks can be unlocked by swiping a pattern or typing a number

               on a keypad display. Neither of these is truly a secure operation.
               Screen locks may have workarounds, such as accessing the phone
               application through the emergency calling feature. And a screen lock
               doesn’t necessarily protect the device if a hacker connects to it over
               Bluetooth, wireless, or a USB cable.

               Screen locks are often triggered after a timeout period of nonuse. Most
               PCs autotrigger a password-protected screen saver if the system is left

               idle for a few minutes. Similarly, many tablets and mobile phones
               trigger a screen lock and dim or turn off the display after 30–60
               seconds. The lockout feature ensures that if you leave your device
               unattended or it’s lost or stolen, it will be difficult for anyone else to be
               able to access your data or applications. To unlock the device, you
               must enter a password, code, or PIN; draw a pattern; offer your
               eyeball or face for recognition; scan your fingerprint; or use a

               proximity device such as a near-field communication (NFC) or radio-
               frequency identification (RFID) ring or tile.



                             Near field communication (NFC) is a standard to establish


                  radio communications between devices in close proximity. It lets
                  you perform a type of automatic synchronization and association
                  between devices by touching them together or bringing them
                  within inches of each other. NFC is commonly found on
                  smartphones and many mobile device accessories. It’s often used
                  to perform device-to-device data exchanges, set up direct

                  communications, or access more complex services such as WiFi
   619   620   621   622   623   624   625   626   627   628   629