Đang chuẩn bị liên kết để tải về tài liệu:
Course 2830: Designing security for Microsoft networks - Module 8

Module 8 - Creating a security design for authentication. In this module, you will learn how to determine threats and analyze risks to authentication. You will learn how to design security for authenticating local users, remote users, and users who access your network across the Internet. You will also learn when to choose multifactor authentication for additional security. | Module 8: Creating a Security Design for Authentication Overview Determining Threats and Analyzing Risks to Authentication Designing Security for Authentication Lesson: Determining Threats and Analyzing Risks to Authentication Overview of Authentication Why Authentication Security Is Important Common Vulnerabilities of Authentication Practice: Analyzing Risks to Authentication Overview of Authentication Branch Office Corporate Headquarters Web Server Internet Server LAN LAN Remote User VPN Wireless User Locally Remotely Across the Internet Users can authenticate: Attacker Threat Example External Spoofing Attacker uses a friend’s home computer and gains remote access to the network by using cached credentials Internal Network monitoring Attacker intercepts password hashes used by an earlier authentication protocol and performs a brute force attack to reveal the password External Attacker Cached Credentials Internal Attacker AC234FFA2948404EE Why Authentication Security Is Important Vulnerability Example Passwords Passwords are transmitted in plaintext Password hashes are transmitted over the network Passwords are intercepted by Trojan horse applications Compatibility Older software uses weak authentication methods Authentication protocols are weakened for use with other applications Incompatibility with non-Microsoft operating systems Encryption An application uses weak encryption Older operating systems use weak encryption methods An attacker intercepts and replays authentication packets Common Vulnerabilities of Authentication Practice: Analyzing Risks to Authentication Read the scenario Answer the questions Discuss answers as a class 1 2 3 Analysis Steps for Determining Authentication Requirements LAN Authentication Protocols Considerations for Authenticating Accounts on a LAN Considerations for Authenticating Web Users Considerations for Authenticating RAS Users What Is Multifactor Authentication? Considerations for Authenticating Applications and Network . | Module 8: Creating a Security Design for Authentication Overview Determining Threats and Analyzing Risks to Authentication Designing Security for Authentication Lesson: Determining Threats and Analyzing Risks to Authentication Overview of Authentication Why Authentication Security Is Important Common Vulnerabilities of Authentication Practice: Analyzing Risks to Authentication Overview of Authentication Branch Office Corporate Headquarters Web Server Internet Server LAN LAN Remote User VPN Wireless User Locally Remotely Across the Internet Users can authenticate: Attacker Threat Example External Spoofing Attacker uses a friend’s home computer and gains remote access to the network by using cached credentials Internal Network monitoring Attacker intercepts password hashes used by an earlier authentication protocol and performs a brute force attack to reveal the password External Attacker Cached Credentials Internal Attacker AC234FFA2948404EE Why Authentication Security Is Important