Course Details

Previous Page


Securing User Accounts: Fundamental Security Concepts


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Online user accounts, when not properly secured, are one of easiest entry points for savvy hackers. In this course, you'll learn about the fundamental security concepts of authenticity, integrity, and confidentiality, and what role they play in establishing effective user account policies. You'll also learn why and how most common user account breaches happen. Finally, this course covers some general security practices, such as privilege management, permissions, and account settings, to help protect against potential intrusions via user accounts.

Target Audience
Individuals such as network administrators, programmers, risk managers, and other key individuals interested in establishing and maintaining secure user account policies and practices

Prerequisites
None

Expected Duration (hours)
2.6

Lesson Objectives

Securing User Accounts: Fundamental Security Concepts

  • start the course
  • identify the purpose and requirement for secure user account controls
  • describe characteristics of the fundamental security concept of authenticity as it relates to securing user accounts
  • describe characteristics of the fundamental security concept of integrity as it relates to securing user accounts
  • describe characteristics of the fundamental security concept of confidentiality as it relates to securing user accounts
  • describe goals and motives for user account security attacks
  • distinguish between the different phases of a security attack
  • identify characteristics of username enumeration
  • identify characteristics of Cross-Site Request Forgery or CSRF
  • distinguish between the different types of web server password cracking techniques
  • identify best practices for performing vulnerability scanning to prevent user account compromise
  • identify best practices for patching and updating to prevent user account compromise
  • identify best-practice network protocols to protect against general security attacks
  • identify best-practice account protocols to protect against user account security attacks
  • identify best practices for event logging as a method for identifying and preventing account security breaches
  • describe best practices for applying the security principle of least privilege in secure user account management
  • describe best practices for applying defense in depth strategy in secure user account management
  • distinguish between users, groups, and role structures for privileges
  • distinguish between the different access permissions categories available to assign to account users
  • identify characteristics and best practices of implementing appropriate naming convention restrictions for user accounts
  • identify characteristics and best practices for limiting logon attempts as a restriction for user accounts
  • identify best practices for setting account expiry dates
  • identify best practices for disabling unused user accounts
  • identify best practices for setting time restrictions on user accounts
  • identify best practices for setting machine restrictions on user accounts
  • identify appropriate user account security policies and practices
  • Course Number:
    sp_soaa_a01_it_enus