OWASP Top 10: A2 - Broken Authentication
OWASP 2021 | Intermediate
- 16 Videos | 1h 32m 15s
- Includes Assessment
- Earns a Badge
Hardening user and device authentication can go a long way in securing web applications. In this course, you'll start by learning the difference between authentication and authorization, where authorization follows successful authentication. You'll also learn how authentication and authorization are related to web application security. Next, you'll explore how to hash and encrypt user credentials and harden user accounts through Microsoft Group Policy. You'll then examine how to use freely available tools to crack user credentials in various ways, such as using the John the Ripper tool to crack Linux passwords and the Hydra tool to crack RDP passwords. Lastly, you'll learn how to enable user multi-factor authentication and conditional access policies, as well as how to mitigate weak authentication.
WHAT YOU WILL LEARN
- discover the key concepts covered in this course
- differentiate between authentication and authorization
- recognize how weak authentication configurations can lead to system compromise
- hash user credentials
- encrypt user credentials
- use Wireshark to view plain text credential transmissions
- harden user authentication settings using Microsoft Group Policy
- use the Hydra tool to crack web form user passwords
- use Burp Suite to crack web form user passwords
- crack RDP passwords using Hydra
- use John the Ripper to crack Linux passwords
- use the Social Engineering Toolkit (SET) to steal user credentials
- enable multi-factor authentication for a Microsoft Azure cloud user account
- configure a conditional access policy in Microsoft Azure
- recognize how to mitigate broken authentication attacks
- summarize the key concepts covered in this course
IN THIS COURSE
- 1. Course Overview (1m 42s)
- 2. Authentication and Authorization (6m 47s)
- 3. Broken Authentication Attacks (6m 2s)
- 4. Hashing Credentials (6m 44s)
- 5. Encrypting Credentials over the Network (5m 29s)
- 6. Analyzing Plain Text Transmissions Using Wireshark (6m 20s)
- 7. Deploying Password Policies Using Group Policy (4m 52s)
- 8. Cracking Web Form Passwords with Hydra (7m 58s)
- 9. Cracking Web Form Passwords with Burp Suite (8m 35s)
- 10. Cracking RDP Passwords with Hydra (6m 18s)
- 11. Cracking Linux User Account Passwords (5m 52s)
- 12. Using Deception to Steal Credentials (5m 26s)
- 13. Enabling User Multi-factor Authentication (7m 52s)
- 14. Configuring Conditional Access Policies (6m 10s)
- 15. Mitigating Broken Authentication Attacks (4m 57s)
- 16. Course Summary (1m 11s)
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.