Troubleshooting authentication and authorization

Security professionals often find themselves in the situation of troubleshooting issues with security controls. Authentication and authorization issues are high on the list of problems to solve. In this video, Mike Chapple explains the issues associated w

- [Instructor] Security professionals often find…themselves in the situation of troubleshooting…issues with security controls.…Authentication and authorization issues…are high on the list of problems to solve.…The use of unencrypted credentials is one of…the most serious authentication security issues…found on systems today.…There's really no excuse for systems that have this issue,…as the use of encryption can easily protect…these credentials.…The root issue is that when usernames and passwords…are sent in cleartext, anyone eavesdropping on the…network communication can intercept them and view them.…

You can encrypt credentials at the application level…by replacing protocols that run in cleartext…with secure alternatives that use encryption.…For example, instead of using the unencrypted Telnet…protocol, use the encrypted Secure Shell, or SSH protocol…for administrative connections to servers.…Instead of the unencrypted File Transfer Protocol, FTP,…use the encrypted Secure FTP, or SFTP protocol.…Instead of sending usernames and passwords…

Resume Transcript Auto-Scroll

Author

Mike Chapple

Skill Level Beginner

5h 27m

Duration

224,532

Views

Show More Show Less

Related Courses

Introduction
- Welcome
  1m 37s
- What you need to know
  30s
1. TCP/IP Suite
- Introducing TCP/IP
  5m 20s
- IP addresses
  3m 26s
- Domain name service
  4m 6s
- Network ports
  3m 42s
- ICMP
  3m 29s
2. Network Security Devices
- Routers, switches, and bridges
  3m 51s
- Firewalls
  4m 17s
- Proxies
  3m 3s
- Load balancers
  4m 44s
- VPNs and VPN concentrators
  4m 43s
- IPsec
  3m 17s
- Network intrusion detection and prevention
  5m 59s
- Unified threat management
  1m 57s
- OpenID Connect
  3m 24s
3. Managing Secure Networks
- Firewall rule management
  4m 41s
- Router configuration security
  4m 38s
- Switch configuration security
  3m 49s
- Maintaining network availability
  2m 43s
- Network monitoring
  4m 19s
- SNMP
  3m 18s
- Storage networks
  3m 8s
4. Wireless Networking
- Wireless networking
  3m 50s
- Basic wireless security
  3m 45s
- WEP, WPA, and WPA2
  1m 44s
- Wireless authentication
  5m 7s
- Wireless signal propagation
  2m 47s
- Wireless networking equipment
  2m 2s
5. Security and Monitoring Technologies
- Correlating security information
  2m 56s
- Tuning and configuring SIEMs
  3m 49s
- Continuous security monitoring
  4m 41s
- Data loss prevention
  7m 4s
- Network access control
  5m 34s
- Mail gateways
  3m 7s
- Data sanitization tools
  4m 11s
- Steganography
  4m 55s
6. Security Assessment Tools
- Protocol analyzers
  9m 17s
- Network scanning
  7m 15s
- Exploitation frameworks
  7m 14s
- Command line network tools
  14m 50s
- DNS harvesting
  5m 23s
7. Security Troubleshooting
- Troubleshooting authentication and authorization
  3m 52s
- Troubleshooting digital certificates
  7m 5s
- Troubleshooting device configurations
  4m 40s
- Change and configuration management
  5m 6s
- Physical asset management
  3m 6s
8. Personnel Security
- Personnel security
  3m 7s
- Security in the hiring process
  2m 55s
- Employee termination process
  2m 42s
- Employee privacy
  2m 23s
- Social networking
  3m 52s
- Personnel safety
  2m 31s
9. Host Security
- Operating system security
  9m 22s
- Malware prevention
  10m 25s
- Application management
  6m 38s
- Host-based network security controls
  7m 56s
- File integrity monitoring
  6m 46s
- Removable media control
  3m 42s
- Data execution prevention
  2m 17s
10. Mobile Device Security
- Mobile connection methods
  4m 39s
- Mobile device security
  2m 35s
- Mobile device management
  7m 7s
- Mobile device tracking
  3m 28s
- Mobile application security
  5m 31s
- Mobile security enforcement
  4m 14s
- Bring your own device
  4m 47s
- Mobile deployment models
  3m 31s
11. Securing Protocols
- TLS and SSL
  4m 1s
- Protocol security use cases
  4m 3s
- Securing common protocols
  6m 30s
- Cryptographic hardware
  4m 8s
Conclusion
- Next steps
  37s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Troubleshooting authentication and authorization

Author

Skill Level Beginner

Duration

Views

Related Courses

IT Security Foundations: Core Concepts

Insights from a Cybersecurity Professional

Cybersecurity for IT Professionals

Introduction

1. TCP/IP Suite

2. Network Security Devices

3. Managing Secure Networks

4. Wireless Networking

5. Security and Monitoring Technologies

6. Security Assessment Tools

7. Security Troubleshooting

8. Personnel Security

9. Host Security

10. Mobile Device Security

11. Securing Protocols

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month