Security professionals often find themselves in the situation of troubleshooting issues with security controls. Authentication and authorization issues are high on the list of problems to solve. In this video, Mike Chapple explains the issues associated w
- [Instructor] Security professionals often find…themselves in the situation of troubleshooting…issues with security controls.…Authentication and authorization issues…are high on the list of problems to solve.…The use of unencrypted credentials is one of…the most serious authentication security issues…found on systems today.…There's really no excuse for systems that have this issue,…as the use of encryption can easily protect…these credentials.…The root issue is that when usernames and passwords…are sent in cleartext, anyone eavesdropping on the…network communication can intercept them and view them.…
You can encrypt credentials at the application level…by replacing protocols that run in cleartext…with secure alternatives that use encryption.…For example, instead of using the unencrypted Telnet…protocol, use the encrypted Secure Shell, or SSH protocol…for administrative connections to servers.…Instead of the unencrypted File Transfer Protocol, FTP,…use the encrypted Secure FTP, or SFTP protocol.…Instead of sending usernames and passwords…
Author
Released
10/10/2017We are a CompTIA Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- IP addresses
- ICMP
- Routers, switches, and bridges
- Firewalls
- VPNs and VPN concentrators
- Network intrusion detection and prevention
- Managing secure networks
- Tuning and configuring SIEMs
- Troubleshooting digital certificates
- Personnel, host, and mobile device security
- Mobile device management and tracking
- Securing common protocols
Skill Level Beginner
Duration
Views
Related Courses
-
Insights from a Cybersecurity Professional
with Mike Chapple32m 15s Intermediate
-
Introduction
-
Welcome1m 37s
-
-
1. TCP/IP Suite
-
Introducing TCP/IP5m 20s
-
IP addresses3m 26s
-
Domain name service4m 6s
-
Network ports3m 42s
-
ICMP3m 29s
-
-
2. Network Security Devices
-
Firewalls4m 17s
-
Proxies3m 3s
-
Load balancers4m 44s
-
VPNs and VPN concentrators4m 43s
-
IPsec3m 17s
-
Unified threat management1m 57s
-
OpenID Connect3m 24s
-
3. Managing Secure Networks
-
Firewall rule management4m 41s
-
Network monitoring4m 19s
-
SNMP3m 18s
-
Storage networks3m 8s
-
-
4. Wireless Networking
-
Wireless networking3m 50s
-
Basic wireless security3m 45s
-
WEP, WPA, and WPA21m 44s
-
Wireless authentication5m 7s
-
Wireless signal propagation2m 47s
-
-
5. Security and Monitoring Technologies
-
Tuning and configuring SIEMs3m 49s
-
Data loss prevention7m 4s
-
Network access control5m 34s
-
Mail gateways3m 7s
-
Data sanitization tools4m 11s
-
Steganography4m 55s
-
6. Security Assessment Tools
-
Protocol analyzers9m 17s
-
Network scanning7m 15s
-
Exploitation frameworks7m 14s
-
Command line network tools14m 50s
-
DNS harvesting5m 23s
-
-
7. Security Troubleshooting
-
8. Personnel Security
-
Personnel security3m 7s
-
Employee termination process2m 42s
-
Employee privacy2m 23s
-
Social networking3m 52s
-
Personnel safety2m 31s
-
-
9. Host Security
-
Operating system security9m 22s
-
Malware prevention10m 25s
-
Application management6m 38s
-
File integrity monitoring6m 46s
-
Removable media control3m 42s
-
Data execution prevention2m 17s
-
-
10. Mobile Device Security
-
Mobile connection methods4m 39s
-
Mobile device security2m 35s
-
Mobile device management7m 7s
-
Mobile device tracking3m 28s
-
Mobile application security5m 31s
-
Mobile security enforcement4m 14s
-
Bring your own device4m 47s
-
Mobile deployment models3m 31s
-
-
11. Securing Protocols
-
TLS and SSL4m 1s
-
Securing common protocols6m 30s
-
Cryptographic hardware4m 8s
-
-
Conclusion
-
Next steps37s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Troubleshooting authentication and authorization