Course Description
Authentication controls who gets access to resources. Stronger authentication means greater control over resource access. In this course, you will identify weaknesses including conducting vulnerability scans in order to protect IT assets.
Learning Objectives
Cryptography
- start the course
- recognize how crypto is used to secure data in the enterprise
- differentiate symmetric from asymmetric encryption
- differentiate asymmetric from symmetric encryption
- identify the PKI hierarchy
- request a security certificate from a CA
- encrypt files on a Windows system using EFS
- explain how file integrity can be maintained
- enable file integrity using Linux
- enable file integrity using Windows
Resource Access
- recognize authentication methods used to prove one's identity
- require VPN connections to use MFA
- recognize how resource access gets authorized
- configure centralized authentication using RADIUS
- describe what user provisioning entails
- describe how identity federation differs from traditional authentication
Identifying Weaknesses
- identify security weaknesses in server OSs
- identify security weaknesses on endpoint devices
- identify security weaknesses at the network level
- identify security weaknesses on mobile devices
Vulnerability Scanning
- recognize the overall process of scanning for vulnerabilities
- configure appropriate vulnerability scanning settings
- explain how the SCAP standard is used to measure vulnerability issues and compliance
- conduct a vulnerability scan using Nessus
- distinguish various vulnerability scanning tools from one another
- conduct a vulnerability scan using MBSA
- understand vulnerability scan results
- put controls in place to mitigate threats
Practice: Securing Data
- reduce vulnerabilities that can be exploited