Module 05
Authentication
Centralized
Administration
LDAP Client
Directory query
Trusted session
Signed certificate
Carrier Protocol
Encapsulating Packet
Original Packet
PPP
PPTP
L2TP
SSTP
HMAC One-Time Password: 0325170
HMAC One-Time Password: 0325170
Expires in: 60 seconds
Directory query
Challenge
Response
Implement a VPN.
Use secure tunneling protocols.
Implement one-time password authentication.
Implement time-based OTPs.
Avoid using outdated remote access protocols.
RADIUS Server
Based on XML.
Exchanges authentication information between client, service, and identity provider.
Defines security request information.
Web-based single sign-on across multiple protocols.
Processes
Functions
Policies
Account creation
Resource management
Shared and multiple account access
User access reviews
Account prohibition
Password policies
Uses:
Anonymous and guest accounts
Temporary employee accounts
Administrative accounts
Batch processing
Risks:
Lack of accountability
Lax in individual responsibility
Password distribution
Microsoft
Account
Password properties
Account lockout
Reversible password encryption in storage
Kerberos restrictions
Audit account events
Other rights and controls