CompTIA CASP+: Authentication & Authorization

CompTIA    |    Intermediate
  • 11 videos | 1h 1m 45s
  • Includes Assessment
  • Earns a Badge
Securing user and device logins, as well as access to IT resources, relates to authentication and authorization. In this course, you'll learn how to differentiate between authentication and authorization and also ow to enable 2FA and MFA user authentication. Next, you'll explore how to enable Wi-Fi RADIUS authentication, configure SELinux, and enable attribute-based control in Windows. Lastly, you'll examine how to use Group Policy to configure password policy settings, crack passwords using freely available tools like the Johnny tool, brute-force RDP using Hydra, and limit cloud admin access using role-based access control. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.


  • Discover the key concepts covered in this course
    Differentiate between authentication and authorization
    Secure authentication with mfa
    Secure authentication with 2fa
    Configure radius authentication for a wi-fi network
    Configure attribute-based acls in windows
  • Use group policy to enable password policy settings
    Crack linux passwords using the johnny tool
    Brute-force rdp using hydra
    Configure role-based access control for cloud admin delegation
    Summarize the key concepts covered in this course


  • 1m 39s
    Here, you’ll learn more about your instructor and this course. In this course, you’ll learn the difference between authentication and authorization. You’ll learn to enable two-factor authentication and multifactor authentication. Then, you’ll learn to enable Wi-Fi radius authentication and enable attribute-based control in Windows. Lastly, you’ll learn to use group policies to configure password policy settings and crack passwords using freely available tools. FREE ACCESS
  • 8m 15s
    Here, you’ll learn authentication and authorization are very crucial parts of your IT security infrastructure. Authentication is proof of identity. It asks users to prove their identity before they gain access to a resource. Multi-factor authentication or MFA uses multiple authentication categories like something you know, like a username and a password, and something you are, such as biometric authentication. Fingerprint scans or facial recognition can unlock a phone. FREE ACCESS
  • Locked
    3.  Enabling Cloud User MFA and Conditional Access
    5m 18s
    Here, you’ll watch a demo. You’ll learn to enable cloud user MFA and conditional access. With conditional access, a number of conditions must be satisfied before users can make a connection to Azure or cloud-based apps by authenticating through Azure. Conditional access is known as rule-based access control. FREE ACCESS
  • Locked
    4.  Enabling 2FA for Web Apps
    4m 13s
    Here, you’ll watch a demo. You’ll learn to enable two-factor authentication, or 2FA for web apps. Two-factor authentication, also called 2-Step Verification is something you can enable with a user account for a variety of different apps. With 2-Step Verification you can make it more difficult for someone to break into a user account. Onscreen, you’ll see how to enable Google 2-Step Verification. FREE ACCESS
  • Locked
    5.  Enabling RADIUS for Wi-Fi
    4m 37s
    Here, you’ll watch a demo. You’ll learn how to enable RADIUS for Wi-Fi. You’ll see it's always important to make sure you limit access to a network. This is in addition to performing the standard hardening for all infrastructure devices and hosts on a network. Here, you’re referring to a wireless network. FREE ACCESS
  • Locked
    6.  Configuring Attribute-based Access Control
    11m 2s
    Here, you’ll watch a demo. You’ll learn how to configure attribute-based access control. In a Windows environment, you can use dynamic access control. This can be based on user attributes in Active Directory to determine the permissions they’re granted. First, you need to turn on a group policy setting. In your my Windows Server, you’ll go to the Start menu under Windows Administrative Tools. You’ll select Group Policy Management. FREE ACCESS
  • Locked
    7.  Enabling Password Policy Settings
    8m 38s
    Here, you’ll watch a demo. You’ll learn how to enable password policy settings. Passwords are widely used as an authentication mechanism. This means it's important to implement security policies that enforce password settings. This includes things like password requirements where a mixture of upper- and lower-case letters, numbers, and symbols are required. It might include setting a minimum password length and requiring password changes every 60 days. This is all part of a password policy. FREE ACCESS
  • Locked
    8.  Cracking Linux Passwords
    4m 1s
    Here, you’ll watch a demo on cracking passwords. In the case of a Linux system, you could try brute force to crack passwords. Of course, if password policies have intruder detection or lockout settings, accounts might be locked out after a number of subsequent attempts. However, password spraying is a technique many malicious users try. This is using the same password against many accounts. Now, you’re going to learn to use John the Ripper. FREE ACCESS
  • Locked
    9.  Brute-forcing Windows RDP
    6m 45s
    Here, you’ll watch a demo on brute-forcing Windows RDP. Remote Desktop protocol or RDP is what's commonly used to remotely manage Windows hosts using a GUI. First, you’ll open the start menu Windows Server. Then, you’ll search for remote and click on Remote Desktop settings. The first thing you need to do is make sure that on a given window's host, remote desktop is enabled. And that a firewall rule allows the traffic in. FREE ACCESS
  • Locked
    10.  Limiting Cloud Management Using RBAC
    5m 58s
    Here, you’ll watch a demo. You’ll learn more about limiting cloud management using RBAC. Role-based access control, or RBAC, is a great way to limit or delegate administrative permissions in an IT environment, including in the cloud. In Microsoft Azure, you can use roles which are collections of related permissions assigned to users or groups. You can apply those roles to a part of the Azure hierarchy, like an entire subscription. FREE ACCESS
  • Locked
    11.  Course Summary
    1m 18s
    Here, you’ll summarize what you’ve learned in this course. You’ve examined how to harden authentication and authorization through 2-factor authentication, multi-factor authentication, and RADIUS authentication. You’ll also learned how to harden and crack passwords. You examined how to configure attribute-based access control in Windows and how to enable password policy settings. Finally, you learned how to limit cloud management using role-based access control. FREE ACCESS


Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.