CompTIA CASP+: Authentication & Authorization

IN THIS COURSE

• 1.  Course Overview
  1m 39s
  Here, you’ll learn more about your instructor and this course. In this course, you’ll learn the difference between authentication and authorization. You’ll learn to enable two-factor authentication and multifactor authentication. Then, you’ll learn to enable Wi-Fi radius authentication and enable attribute-based control in Windows. Lastly, you’ll learn to use group policies to configure password policy settings and crack passwords using freely available tools. FREE ACCESS
• 2.  Authentication and Authorization
  8m 15s
  Here, you’ll learn authentication and authorization are very crucial parts of your IT security infrastructure. Authentication is proof of identity. It asks users to prove their identity before they gain access to a resource. Multi-factor authentication or MFA uses multiple authentication categories like something you know, like a username and a password, and something you are, such as biometric authentication. Fingerprint scans or facial recognition can unlock a phone. FREE ACCESS
• 3.  Enabling Cloud User MFA and Conditional Access
  5m 18s
  Here, you’ll watch a demo. You’ll learn to enable cloud user MFA and conditional access. With conditional access, a number of conditions must be satisfied before users can make a connection to Azure or cloud-based apps by authenticating through Azure. Conditional access is known as rule-based access control. FREE ACCESS
• 4.  Enabling 2FA for Web Apps
  4m 13s
  Here, you’ll watch a demo. You’ll learn to enable two-factor authentication, or 2FA for web apps. Two-factor authentication, also called 2-Step Verification is something you can enable with a user account for a variety of different apps. With 2-Step Verification you can make it more difficult for someone to break into a user account. Onscreen, you’ll see how to enable Google 2-Step Verification. FREE ACCESS
• 5.  Enabling RADIUS for Wi-Fi
  4m 37s
  Here, you’ll watch a demo. You’ll learn how to enable RADIUS for Wi-Fi. You’ll see it's always important to make sure you limit access to a network. This is in addition to performing the standard hardening for all infrastructure devices and hosts on a network. Here, you’re referring to a wireless network. FREE ACCESS
• 6.  Configuring Attribute-based Access Control
  11m 2s
  Here, you’ll watch a demo. You’ll learn how to configure attribute-based access control. In a Windows environment, you can use dynamic access control. This can be based on user attributes in Active Directory to determine the permissions they’re granted. First, you need to turn on a group policy setting. In your my Windows Server, you’ll go to the Start menu under Windows Administrative Tools. You’ll select Group Policy Management. FREE ACCESS
• 7.  Enabling Password Policy Settings
  8m 38s
  Here, you’ll watch a demo. You’ll learn how to enable password policy settings. Passwords are widely used as an authentication mechanism. This means it's important to implement security policies that enforce password settings. This includes things like password requirements where a mixture of upper- and lower-case letters, numbers, and symbols are required. It might include setting a minimum password length and requiring password changes every 60 days. This is all part of a password policy. FREE ACCESS
• 8.  Cracking Linux Passwords
  4m 1s
  Here, you’ll watch a demo on cracking passwords. In the case of a Linux system, you could try brute force to crack passwords. Of course, if password policies have intruder detection or lockout settings, accounts might be locked out after a number of subsequent attempts. However, password spraying is a technique many malicious users try. This is using the same password against many accounts. Now, you’re going to learn to use John the Ripper. FREE ACCESS
• 9.  Brute-forcing Windows RDP
  6m 45s
  Here, you’ll watch a demo on brute-forcing Windows RDP. Remote Desktop protocol or RDP is what's commonly used to remotely manage Windows hosts using a GUI. First, you’ll open the start menu Windows Server. Then, you’ll search for remote and click on Remote Desktop settings. The first thing you need to do is make sure that on a given window's host, remote desktop is enabled. And that a firewall rule allows the traffic in. FREE ACCESS
• 10.  Limiting Cloud Management Using RBAC
  5m 58s
  Here, you’ll watch a demo. You’ll learn more about limiting cloud management using RBAC. Role-based access control, or RBAC, is a great way to limit or delegate administrative permissions in an IT environment, including in the cloud. In Microsoft Azure, you can use roles which are collections of related permissions assigned to users or groups. You can apply those roles to a part of the Azure hierarchy, like an entire subscription. FREE ACCESS
• 11.  Course Summary
  1m 18s
  Here, you’ll summarize what you’ve learned in this course. You’ve examined how to harden authentication and authorization through 2-factor authentication, multi-factor authentication, and RADIUS authentication. You’ll also learned how to harden and crack passwords. You examined how to configure attribute-based access control in Windows and how to enable password policy settings. Finally, you learned how to limit cloud management using role-based access control. FREE ACCESS