OWASP Top 10: A07:2021-Identification & Authentication Failures

OWASP 2022 | Intermediate

14 Videos | 1h 18m 22s
Includes Assessment
Earns a Badge

Hardening user and device authentication can go a long way in securing web applications. In this course, learn the difference between authentication and authorization and how they relate to web application security. Next, explore how to hash and encrypt user credentials and harden user accounts through Microsoft Group Policy and practice using freely available tools to crack user credentials in various ways, including the Hydra tool, Burp Suite, and John the Ripper. Finally, learn how to enable user multi-factor authentication and conditional access policies, as well as how to mitigate weak authentication. Upon completion, you'll be able to recognize how to discover and mitigate authentication vulnerabilities using various tools.

WHAT YOU WILL LEARN

discover the key concepts covered in this course

differentiate between authentication and authorization

recognize how weak authentication configurations can lead to system compromise

hash user credentials

encrypt user credentials

analyze plain text credential transmissions using Wireshark

deploy password policies to harden user authentication settings using Microsoft Group Policy
crack web form passwords using the Hydra tool

crack web form passwords using Burp Suite

crack RDP passwords using Hydra

crack Linux passwords using John the Ripper

steal user credentials using the Social-Engineer Toolkit (SET)

enable multi-factor authentication for a Microsoft Azure cloud user account

summarize the key concepts covered in this course

IN THIS COURSE

1.

Course Overview

59s

UP NEXT
2.

Authentication and Authorization

6m 34s
3.

Broken Authentication Attacks

5m 48s

FREE ACCESS
4.

Hashing Credentials

6m 15s

FREE ACCESS
5.

Encrypting Credentials over the Network

6m 41s

FREE ACCESS
6.

Analyzing Plain Text Transmissions Using Wireshark

6m 24s

FREE ACCESS
7.

Deploying Password Policies Using Group Policy

4m 51s

FREE ACCESS
8.

Cracking Web Form Passwords with Hydra

9m 13s

FREE ACCESS
9.

Cracking Web Form Passwords with Burp Suite

4m 42s

FREE ACCESS
10.

Cracking RDP Passwords with Hydra

5m 58s

FREE ACCESS
11.

Cracking Linux User Account Passwords

6m 33s

FREE ACCESS
12.

Stealing Credentials Using Deception

5m 59s

FREE ACCESS
13.

Enabling User Multi-factor Authentication

7m 16s

FREE ACCESS
14.

Course Summary

1m 10s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

COURSE OWASP Top 10: A01:2021-Broken Access Control

COURSE OWASP Top 10: A6 - Security Misconfiguration

COURSE OWASP Top 10: A06:2021-Vulnerable & Outdated Components

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Content items for Compliance and Leadership are not included in this subscription.

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

OWASP Top 10: A07:2021-Identification & Authentication Failures

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE