0% found this document useful (0 votes)

36 views

07 - Implementing Authentication Controls

Uploaded by

Ziad Abdo

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

36 views

07 - Implementing Authentication Controls

Uploaded by

Ziad Abdo

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 49

07- Implementing Authentication Controls

1
Outlines

7.1- Summarize Authentication Design Concepts

7.2- Implement Knowledge-Based Authentication
7.3- Summarize Biometrics Authentication Concepts

Labs
Lab 8: Auditing Passwords with a Password Cracking Utility
Lab 9: Managing Centralized Authentication

Security+ (SY0-601) © netriders.academy 2

7.1- Summarize Authentication Design Concepts
.2- Implement Knowledge-Based Authentication
.3- Summarize Biometrics Authentication Concepts

Security+ (SY0-601) © netriders.academy 3

IDENTITY AND ACCESS MANAGEMENT
• An access control system is the set of technical controls that govern how subjects
may interact with objects.
• Subjects in this sense are users, devices, or software processes, or anything else
that can request and be granted access to a resource.
• Objects are the resources; these could be networks, servers, databases, files, and
so on.

Security+ (SY0-601) © netriders.academy 4

DENTITY AND ACCESS MANAGEMENT (cont.)
• An identity and access management (IAM) system is usually described in terms of
four main processes:
✓ Identification—creating an account or ID that uniquely represents the user, device, or process
on the network.
✓ Authentication—proving that a subject is who or what it claims to be when it attempts to
access the resource.
✓ Authorization—determining what rights subjects should have on each resource, and
enforcing those rights.
✓ Accounting—tracking authorized usage of a resource or use of rights by a subject and alerting
when unauthorized use is detected or attempted.

Security+ (SY0-601) © netriders.academy 5

DENTITY AND ACCESS MANAGEMENT (cont.)

Security+ (SY0-601) © netriders.academy 6

AUTHENTICATION FACTORS
• Assuming that an account has been created securely (the identity of the account
holder has been verified), authentication verifies that only the account holder is
able to use the account, and that the system may only be used by account
holders.
• Authentication is performed when the account holder supplies the appropriate
credentials (or authenticators) to the system.
• These are compared to the credentials stored on the system.
• If they match, the account is authenticated.
• There are many different technologies for defining credentials and can be
categorized as factors.

Security+ (SY0-601) © netriders.academy 7

AUTHENTICATION FACTORS (cont.)
• Something You Know Authentication
✓ The typical knowledge factor is the logon, composed of a username and a password.
✓ The username is typically not a secret (although it should not be published openly), but the
password must be known only to the account holder.
✓ A personal identification number (PIN) is also something you know, although long PIN codes
are hard to remember, and short codes are too vulnerable for most authentication systems.
✓ Swipe patterns are often used for authentication to touch-based devices.

Security+ (SY0-601) © netriders.academy 8

AUTHENTICATION FACTORS (cont.)
• Something You Have Authentication
✓ An ownership factor means that the account holder possesses something that no one else
does, such as a smart card, fob, or wristband programmed with a unique identity certificate
or account number.
✓ These ownership factors can be described as hard tokens.
✓ A device such as a smartphone can also be used to receive a uniquely generated access code
as a soft token.
✓ Unlike a password, these tokens are valid for only one use, typically within a brief time
window.

Security+ (SY0-601) © netriders.academy 9

AUTHENTICATION FACTORS (cont.)
• Something You Are/Do Authentication
✓ A biometric factor uses either physiological identifiers, such as a fingerprint, or behavioral
identifiers, such as the way someone moves (gait).
✓ The identifiers are scanned and recorded as a template.
✓ When the user authenticates, another scan is taken and compared to the template.

Security+ (SY0-601) © netriders.academy 10

AUTHENTICATION DESIGN
• Authentication design refers to selecting a technology that meets requirements
for confidentiality, integrity, and availability:
✓ Confidentiality, in terms of authentication, is critical, because if account credentials are
leaked, threat actors can impersonate the account holder and act on the system with
whatever rights they have.
✓ Integrity means that the authentication mechanism is reliable and not easy for threat actors
to bypass or trick with counterfeit credentials.
✓ Availability means that the time taken to authenticate does not impede workflows and is
easy enough for users to operate.

Security+ (SY0-601) © netriders.academy 11

MULTIFACTOR AUTHENTICATION
• An authentication technology is considered strong if it combines the use of more
than one type of knowledge, ownership, and biometric factor, and is called
multifactor authentication (MFA).
• Single-factor authentication can quite easily be compromised: a password could
be written down or shared, a smart card could be lost or stolen, and a biometric
system could be subject to high error rates or spoofing.
• Two-Factor Authentication (2FA) combines either an ownership-based smart card
or biometric identifier with something you know, such as a password or PIN.

Security+ (SY0-601) © netriders.academy 12

MULTIFACTOR AUTHENTICATION (cont.)
• Three-factor authentication combines all three technologies, or incorporates an
additional attribute, such as location; for example, a smart card with integrated
fingerprint reader.
• This means that to authenticate, the user must possess the card, the user's
fingerprint must match the template stored on the card, and the user must input
a PIN or password.

Security+ (SY0-601) © netriders.academy 13

.1- Summarize Authentication Design Concepts
7.2- Implement Knowledge-Based Authentication
.3- Summarize Biometrics Authentication Concepts

Security+ (SY0-601) © netriders.academy 14

OCAL, NETWORK, AND REMOTE AUTHENTICATION
• One of the most important features of an operating system is the authentication
provider, which is the software architecture and code that underpins the
mechanism by which the user is authenticated before starting a shell.
• This is usually described as a login (Linux) or a logon or sign-in (Microsoft).
• Knowledge-based authentication, using a password or personal identification
number (PIN), is the default authentication provider for most operating systems.

Security+ (SY0-601) © netriders.academy 15

OCAL, NETWORK, AND REMOTE AUTHENTICATION
cont.)
• Knowledge-based authentication relies on cryptographic hashes.
• A plaintext password is not usually transmitted or stored in a credential database
because of the risk of compromise.
• Instead, the password is stored as a cryptographic hash.
• When a user enters a password to log in, an authenticator converts what is typed
into a hash and transmits that to an authority.
• The authority compares the submitted hash to the one in the database and
authenticates the subject only if they match.

Security+ (SY0-601) © netriders.academy 16

Windows Authentication
• Windows authentication involves a complex architecture of components
(docs.microsoft.com/en-us/windows-server/security/windows-
authentication/credentials-processes-in-windows-authentication), but the
following three scenarios are typical:
✓ Windows local sign-in—the Local Security Authority (LSA) compares the submitted credential
to a hash stored in the Security Accounts Manager (SAM) database, which is part of the
registry.
✓ Windows network sign-in—the LSA can pass the credentials for authentication to a network
service, The preferred system for network authentication is based on Kerberos, but legacy
network applications might use NT LAN Manager (NTLM) authentication.
✓ Remote sign-in—if the user's device is not connected to the local network, authentication
can take place over some type of virtual private network (VPN) or web portal.

Security+ (SY0-601) © netriders.academy 17

Linux Authentication
• In Linux, local user account names are stored in /etc/passwd.
• When a user logs in to a local interactive shell, the password is checked against a
hash stored in /etc/shadow.
• Interactive login over a network is typically accomplished using Secure Shell
(SSH).
• With SSH, the user can be authenticated using cryptographic keys instead of a
password.

Security+ (SY0-601) © netriders.academy 18

Single Sign-On (SSO)
• A single sign-on (SSO) system allows the user to authenticate once to a local
device and be authenticated to compatible application servers without having to
enter credentials again.
• In Windows, SSO is provided by the Kerberos framework.

Security+ (SY0-601) © netriders.academy 19

KERBEROS AUTHENTICATION
• Kerberos is a single sign-on network authentication and authorization protocol
used on many networks, notably as implemented by Microsoft's Active Directory
(AD) service.
• Kerberos was named after the three-headed guard dog of Hades (Cerberus)
because it consists of three parts.

Security+ (SY0-601) © netriders.academy 20

KERBEROS AUTHENTICATION (cont.)
• Clients request services from application servers, which both rely on an
intermediary—a Key Distribution Center (KDC)—to vouch for their identity.
• There are two services that make up a KDC:
✓ The Authentication Service
✓ The Ticket Granting Service
• The KDC runs on port 88 using TCP or UDP.
• The Authentication Service is responsible for authenticating user logon requests.

Security+ (SY0-601) © netriders.academy 21

KERBEROS AUTHENTICATION (cont.)

1. The client sends the authentication service (AS) a request for a Ticket Granting
Ticket (TGT), This is composed by encrypting the date and time on the local
computer with the user's password hash as the key.
2. The AS checks that the user account is present, that it can decode the request
by matching the user's password hash with the one in the Active Directory
database, and that the request has not expired, If the request is valid, the AS
responds with the following data:
✓ Ticket Granting Ticket (TGT)—this contains information about the client (name and IP
address) plus a timestamp and validity period, This is encrypted using the KDC's secret key.
✓ TGS session key for use in communications between the client and the Ticket Granting
Service (TGS), This is encrypted using a hash of the user's password.

Security+ (SY0-601) © netriders.academy 22

PAP, CHAP, AND MS-CHAP AUTHENTICATION
• Kerberos is designed to work over a trusted local network.
• Several authentication protocols have been developed to work with remote
access protocols, where the connection is made over a serial link or virtual
private network (VPN).

1. Password Authentication Protocol (PAP)

✓ The Password Authentication Protocol (PAP) is an unsophisticated authentication method
developed as part of the Point-to-Point Protocol (PPP), used to transfer TCP/IP data over
serial or dial-up connections.
✓ It is also used as the basic authentication mechanism in HTTP.
✓ It relies on clear text password exchange and is therefore obsolete for most purposes, except
through an encrypted tunnel.

Security+ (SY0-601) © netriders.academy 23

AP, CHAP, AND MS-CHAP AUTHENTICATION (cont.)

2. Challenge Handshake Authentication Protocol (CHAP)

• The Challenge Handshake Authentication Protocol (CHAP) was also developed as part of PPP
as a means of authenticating users over a remote link.
• CHAP relies on an encrypted challenge in a system called a three-way handshake.
✓ Challenge—the server challenges the client, sending a randomly generated challenge message.
✓ Response—the client responds with a hash calculated from the server challenge message and client password
(or other shared secret).
✓ Verification—the server performs its own hash using the password hash stored for the client. If it matches the
response, then access is granted; otherwise, the connection is dropped.
• The handshake is repeated with a different challenge message periodically during the
connection (although transparent to the user), This guards against replay attacks, in which a
previous session could be captured and reused to gain access.

Security+ (SY0-601) © netriders.academy 24

AP, CHAP, AND MS-CHAP AUTHENTICATION (cont.)

3. MS-CHAPv2
✓ Microsoft's implementation of CHAP.
✓ Because of the way it uses vulnerable NTLM hashes, MS-CHAP should not be deployed
without the protection of a secure connection tunnel so that the credentials being passed are
encrypted.

Security+ (SY0-601) © netriders.academy 25

PASSWORD ATTACKS
• When a user chooses a password, the password is converted to a hash using a
cryptographic function, such as MD5 or SHA.
• This means that, in theory, no one except the user (not even the system
administrator) knows the password, because the plaintext should not be
recoverable from the hash.

Security+ (SY0-601) © netriders.academy 26

PASSWORD ATTACKS (cont.)
• Plaintext/Unencrypted Attacks
✓ A plaintext/unencrypted attack exploits password storage or a network authentication
protocol that does not use encryption.
✓ Examples include PAP, basic HTTP/FTP authentication, and Telnet.
✓ These protocols must not be used.
✓ Passwords must never be saved to an unmanaged file.
✓ One common source of credential breaches is passwords embedded in application code that
has subsequently been uploaded to a public repository.

Security+ (SY0-601) © netriders.academy 27

PASSWORD ATTACKS (cont.)
• Online Attacks
✓ An online password attack is where the threat actor interacts with the authentication service
directly—a web login form or VPN gateway, for instance.
✓ The attacker submits passwords using either a database of known passwords (and variations)
or a list of passwords that have been cracked offline.
✓ Also, be aware that there are databases of username and password/password hash
combinations for multiple accounts stored across the Internet.
✓ These details derive from successful hacks of various companies' systems.
✓ These databases can be searched using a site such as haveibeenpwned.com.

Security+ (SY0-601) © netriders.academy 28

PASSWORD ATTACKS (cont.)
• Offline Attacks
✓ An offline attack means that the attacker has managed to obtain a database of password
hashes, such as %SystemRoot%\System32\config\SAM, %SystemRoot%\NTDS\NTDS.DIT
(the Active Directory credential store), or /etc/shadow.
✓ Once the password database has been obtained, the cracker does not interact with the
authentication system.
✓ The only indicator of this type of attack (other than misuse of the account in the event of a
successful attack) is a file system audit log that records the malicious account accessing one
of these files.

Security+ (SY0-601) © netriders.academy 29

PASSWORD ATTACKS (cont.)
• Offline Attacks (cont.)
✓ Threat actors can also read credentials from host memory, in which case the only reliable
indicator might be the presence of attack tools on a host.
✓ If the attacker cannot obtain a database of passwords, a packet sniffer might be used to
obtain the client response to a server challenge in a protocol such as NTLM or CHAP/MS-
CHAP.
✓ Although these protocols avoid sending the hash of the password directly, the response is
derived from it in some way.
✓ Password crackers can exploit weaknesses in a protocol to calculate the hash and match it to
a dictionary word or brute force it.

Security+ (SY0-601) © netriders.academy 30

BRUTE-FORCE AND DICTIONARY ATTACKS
• Some password attacks exploit the weak credentials chosen by users.
• Others can exploit vulnerabilities in the storage mechanism.
• For Example:
✓ The Windows SAM database can be configured to store hashes for compatibility with older
versions (LM and NTLMv1 hashes).
✓ These legacy hashes are cryptographically weak and highly vulnerable to password cracking.

Security+ (SY0-601) © netriders.academy 31

Brute-Force Attack
• A brute-force attack attempts every possible combination in the output space in
order to match a captured hash and guess at the plaintext that generated it.
• The output space is determined by the number of bits used by the algorithm
(128-bit MD5 or 256-bit SHA256, for instance).
• The larger the output space and the more characters that were used in the
plaintext password, the more difficult it is to compute and test each possible hash
to find a match.
• Brute-force attacks are heavily constrained by time and computing resources, and
are therefore most effective at cracking short passwords.
• However, brute-force attacks distributed across multiple hardware components,
like a cluster of high-end graphics cards, can be successful at cracking longer
passwords.

Dictionary and Rainbow Table Attacks
• Dictionary attack
✓ can be used where there is a good chance of guessing the likely value of the plaintext, such as
a non-complex password.
✓ The software generates hash values from a dictionary of plaintexts to try to match one to a
captured hash.
• Rainbow table
✓ The attacker uses a precomputed lookup table of all possible passwords and their matching
hashes.
✓ Not all possible hash values are stored, as this would require too much memory.
✓ Values are computed in chains, and only the first and last values need to be stored.
✓ The hash value of a stored password can then be looked up in the table and the
corresponding plaintext discovered.

Dictionary and Rainbow Table Attacks (cont.)
• Using a salt to add a random value to the stored plaintext helps to slow down
rainbow table attacks, because the tables cannot be created in advance and must
be recreated for each combination of password and salt value.
• Rainbow tables are also impractical when trying to discover long passwords
(more than about 14 characters).
• UNIX and Linux password storage mechanisms use salt, but Windows does not.
• Consequently, in a Windows environment, it is even more important to enforce
strong password policies.

Hybrid Attack
• A hybrid password attack uses a combination of attack methods when trying to
crack a password.
• A typical hybrid password attack uses a combination of dictionary and brute
force attacks.
• It is principally targeted against naive passwords with inadequate complexity,
such as james1.

PASSWORD CRACKERS
• Although there are some Windows tools, including the infamous Cain and
L0phtcrack (l0phtcrack.com) tools, most password crackers run primarily on Linux.
• For example, a tool such as Hashcat (hashcat.net/hashcat) is run using the
following general syntax:
hashcat -m HashType -a AttackMode -o OutputFile InputHashFile
• The input file should contain hashes of the same type, using the specified format
(hashcat.net/wiki/doku.php?id=example_hashes).
• Hashcat can be used with a single word list (dictionary mode -a 0) or multiple
word lists (combinator mode -a 1).

PASSWORD CRACKERS (cont.)

Lab

Lab 8: Auditing Passwords with a Password Cracking Utility

1- Summarize Authentication Design Concepts
2- Implement Knowledge-Based Authentication
.3- Summarize Biometrics Authentication Concepts

BIOMETRIC AUTHENTICATION
• The first step in setting up biometric authentication is enrollment.
• The chosen biometric information is scanned by a biometric reader and
converted to binary information.
• There are generally two steps in the scanning process:
1. A sensor module acquires the biometric sample from the target.
2. A feature extraction module records the features in the sample that uniquely identify the
target.
• The biometric template is kept in the authentication server's database.
• When the user wants to access a resource, he or she is re-scanned, and the scan
is compared to the template.
• If they match to within a defined degree of tolerance, access is granted.
Security+ (SY0-601) © netriders.academy 40
FINGERPRINT RECOGNITION
• Physiologic biometric features represent a something you are factor.
• They include fingerprint patterns, iris or retina recognition, or facial recognition.
• Fingerprint recognition is the most widely implemented biometric authentication
method.
• The technology required for scanning and recording fingerprints is relatively
inexpensive and the process quite straightforward.
• The technology is also non-intrusive and relatively simple to use, although
moisture or dirt can prevent readings.

FINGERPRINT RECOGNITION (cont.)
• The main problem with fingerprint scanners is that it is possible to obtain a copy
of a user's fingerprint and create a mold of it that will fool the scanner
(tomsguide.com/us/iphone-touch-id-hack,news-20066.html).
• These concerns are addressed by vein matching scanners, or vascular biometrics.
• This requires a more complex scanner—an infrared light source and camera—to
create a template from the unique pattern of blood vessels in a person's finger or
palm.

FACIAL RECOGNITION
• Facial recognition records multiple indicators about the size and shape of the
face, like the distance between each eye, or the width and length of the nose.
• The initial pattern must be recorded under optimum lighting conditions;
depending on the technology, this can be a lengthy process.
• Again, this technology is very much associated with law enforcement, and is the
most likely to make users uncomfortable about the personal privacy issues.
• Facial recognition suffers from relatively high false acceptance and rejection rates
and can be vulnerable to spoofing.
• Much of the technology development is in surveillance, rather than for
authentication, although it is becoming a popular method for use with
smartphones.

FACIAL RECOGNITION (cont.)
• The limitations of facial recognition can be overcome by scanning more detailed
features of the eye:
✓ Retinal scan—an infrared light is shone into the eye to identify the pattern of blood vessels,
The arrangement of these blood vessels is highly complex and typically does not change from
birth to death, except in the event of certain diseases or injuries, Retinal scanning is therefore
one of the most accurate forms of biometrics, Retinal patterns are very secure, but the
equipment required is expensive and the process is relatively intrusive and complex. False
negatives can be produced by disease, such as cataracts.

FACIAL RECOGNITION (cont.)
• The limitations of facial recognition can be overcome by scanning more detailed
features of the eye (cont.)
✓ Iris scan—matches patterns on the surface of the eye using near-infrared imaging and so is
less intrusive than retinal scanning (the subject can continue to wear glasses, for instance)
and a lot quicker, Iris scanners offer a similar level of accuracy as retinal scanners but are
much less likely to be affected by diseases, Iris scanning is the technology most likely to be
rolled out for high-volume applications, such as airport security, There is a chance that an iris
scanner could be fooled by a high-resolution photo of someone's eye.

BEHAVIORAL TECHNOLOGIES
• Something you do refers to behavioral biometric pattern recognition.
• Rather than scan some attribute of your body, a template is created by analyzing
a behavior, such as typing, writing a signature, or walking/moving.
• The variations in motion, pressure, or gait are supposed to uniquely verify each
individual.
• In practice, however, these methods are subject to higher error rates, and are
much more troublesome for a subject to perform.

BEHAVIORAL TECHNOLOGIES (cont.)
• Voice Recognition
✓ Relatively cheap, as the hardware and software required are built into many standard PCs
and mobiles.
✓ However, obtaining an accurate template can be difficult and time-consuming.
✓ Background noise and other environmental factors can also interfere with logon.
✓ Voice is also subject to impersonation.
• Gait Analysis
✓ Produces a template from human movement (locomotion).
✓ The technologies can either be camera-based or use smartphone features, such as an
accelerometer and gyroscope.

BEHAVIORAL TECHNOLOGIES (cont.)
• Signature Recognition
✓ Signatures are relatively easy to duplicate, but it is more difficult to fake the actual signing
process.
✓ Signature matching records the user applying their signature (stroke, speed, and pressure of
the stylus).
• Typing
✓ Matches the speed and pattern of a user’s input of a passphrase.

Lab

Lab 9: Managing Centralized Authentication

75 Promising Startups NIDHI Seed Support Program
No ratings yet
75 Promising Startups NIDHI Seed Support Program
110 pages
BBP Precedures
No ratings yet
BBP Precedures
6 pages
Exercise Workbook 19 Ais
No ratings yet
Exercise Workbook 19 Ais
93 pages
How To Add A ZTE ONT On Huawei OLT
No ratings yet
How To Add A ZTE ONT On Huawei OLT
10 pages
Lecture 14
No ratings yet
Lecture 14
29 pages
06-Implementing Public Key Infrastructure: Senior Technical Instructor Ahmedsultan - Me/about
No ratings yet
06-Implementing Public Key Infrastructure: Senior Technical Instructor Ahmedsultan - Me/about
25 pages
Identity and Account Management Controls
No ratings yet
Identity and Account Management Controls
31 pages
module4
No ratings yet
module4
68 pages
Basic Security Control
No ratings yet
Basic Security Control
26 pages
Security in the Cloud
No ratings yet
Security in the Cloud
34 pages
UNIT 4 Identification and Authentication
No ratings yet
UNIT 4 Identification and Authentication
25 pages
Authentication
No ratings yet
Authentication
39 pages
Lecture 08
No ratings yet
Lecture 08
31 pages
Cloud_Security__1709963031
No ratings yet
Cloud_Security__1709963031
8 pages
Cybersecurity Essentials 3.0-Module13
No ratings yet
Cybersecurity Essentials 3.0-Module13
56 pages
UNIT 3
No ratings yet
UNIT 3
21 pages
CN&CS_UNIT_-_3[1]
No ratings yet
CN&CS_UNIT_-_3[1]
26 pages
Chapter 9 Security Planning - Physical
No ratings yet
Chapter 9 Security Planning - Physical
33 pages
Unit IV Authentication
No ratings yet
Unit IV Authentication
3 pages
Network Security Unit 2
No ratings yet
Network Security Unit 2
45 pages
8.1 Cyber Security
No ratings yet
8.1 Cyber Security
6 pages
Elevator Pitch: Introduce Yourself in Few Seconds
No ratings yet
Elevator Pitch: Introduce Yourself in Few Seconds
25 pages
unit4
No ratings yet
unit4
48 pages
DATABASE Sasta Sem Notes
No ratings yet
DATABASE Sasta Sem Notes
24 pages
Enterprise Security Summary PDF
No ratings yet
Enterprise Security Summary PDF
23 pages
Unit 1 Web Appln Security Prinicples PDF
No ratings yet
Unit 1 Web Appln Security Prinicples PDF
140 pages
Unit 3
No ratings yet
Unit 3
46 pages
Chapter 1
No ratings yet
Chapter 1
54 pages
E-Business in Hospitality 7
No ratings yet
E-Business in Hospitality 7
15 pages
InfoSec_Lect7
No ratings yet
InfoSec_Lect7
52 pages
Secure Operating System Design
No ratings yet
Secure Operating System Design
28 pages
01 - Comparing Security Roles and Security Controls
No ratings yet
01 - Comparing Security Roles and Security Controls
20 pages
SC 900T00A ENU PowerPoint - 01
No ratings yet
SC 900T00A ENU PowerPoint - 01
20 pages
Security in It: Shikhar Agarwal
No ratings yet
Security in It: Shikhar Agarwal
40 pages
CC 5
No ratings yet
CC 5
17 pages
Unit -3 (MCA -2nd Yr)
No ratings yet
Unit -3 (MCA -2nd Yr)
24 pages
download-20171010115333
No ratings yet
download-20171010115333
46 pages
Logical Security Presentation
No ratings yet
Logical Security Presentation
13 pages
Atlassian Zero Trust Guide
No ratings yet
Atlassian Zero Trust Guide
12 pages
web security unit 1 question bank
No ratings yet
web security unit 1 question bank
8 pages
Unit 1- Web appln security prinicples
No ratings yet
Unit 1- Web appln security prinicples
140 pages
Ebook - Implementing Zero Trust SASE
No ratings yet
Ebook - Implementing Zero Trust SASE
15 pages
2 ND
No ratings yet
2 ND
20 pages
Network Security UNIT III
No ratings yet
Network Security UNIT III
23 pages
Authentication and Authorization
No ratings yet
Authentication and Authorization
41 pages
Information security
No ratings yet
Information security
18 pages
Chapter-3
No ratings yet
Chapter-3
45 pages
Puru - Secure Coding Best Practices
No ratings yet
Puru - Secure Coding Best Practices
66 pages
Identity and Access Management
No ratings yet
Identity and Access Management
10 pages
Describe The Concepts of Security, Compliance, and Identity: 3. Define Defense in Depth
No ratings yet
Describe The Concepts of Security, Compliance, and Identity: 3. Define Defense in Depth
68 pages
Grid and Cloud Computing Important Questions Unit 5 Part A
No ratings yet
Grid and Cloud Computing Important Questions Unit 5 Part A
4 pages
03b - Identification and Authentication
No ratings yet
03b - Identification and Authentication
34 pages
Basic Concepts of Access Control, Identification and Authentication
No ratings yet
Basic Concepts of Access Control, Identification and Authentication
257 pages
CS687 - Authentication - Winter 2022
No ratings yet
CS687 - Authentication - Winter 2022
123 pages
Application Security Introduction - Overview PT 2
No ratings yet
Application Security Introduction - Overview PT 2
40 pages
Cissp Chapter02
No ratings yet
Cissp Chapter02
151 pages
Machine Identities in Cyber 1695282819
No ratings yet
Machine Identities in Cyber 1695282819
11 pages
Networking 8
No ratings yet
Networking 8
27 pages
Zero-Trust Achitecture
No ratings yet
Zero-Trust Achitecture
11 pages
Unit-4
No ratings yet
Unit-4
25 pages
sc900 Module1
No ratings yet
sc900 Module1
29 pages
CCNA Security Course Booklet-78-98
No ratings yet
CCNA Security Course Booklet-78-98
21 pages
Unit 3
No ratings yet
Unit 3
65 pages
CompTia Security 701: Fundamentals of Security
From Everand
CompTia Security 701: Fundamentals of Security
AS Snipes
No ratings yet
05 - Summarizing Basic Cryptographic Concepts
No ratings yet
05 - Summarizing Basic Cryptographic Concepts
17 pages
02 - Explaining Threat Actors and Threat Intelligence
No ratings yet
02 - Explaining Threat Actors and Threat Intelligence
26 pages
03 - Performing Security Assessments
No ratings yet
03 - Performing Security Assessments
78 pages
Microsoft Official Course: Designing and Implementing An Active Directory Organizational Unit Infrastructure
No ratings yet
Microsoft Official Course: Designing and Implementing An Active Directory Organizational Unit Infrastructure
28 pages
Microsoft Official Course: Planning and Implementing Storage
No ratings yet
Microsoft Official Course: Planning and Implementing Storage
17 pages
Microsoft Official Course: Designing and Implementing An Active Directory Domain Services Topology
No ratings yet
Microsoft Official Course: Designing and Implementing An Active Directory Domain Services Topology
46 pages
Microsoft Official Course: Designing and Implementing Name Resolution
No ratings yet
Microsoft Official Course: Designing and Implementing Name Resolution
46 pages
Microsoft Official Course: Planning and Implementing A Server Deployment Infrastructure
No ratings yet
Microsoft Official Course: Planning and Implementing A Server Deployment Infrastructure
26 pages
Microsoft Official Course
No ratings yet
Microsoft Official Course
41 pages
Microsoft Official Course: Designing and Maintaining An IP Configuration and Address Management Solution
No ratings yet
Microsoft Official Course: Designing and Maintaining An IP Configuration and Address Management Solution
29 pages
Microsoft Official Course: Planning A Server Upgrade and Migration
No ratings yet
Microsoft Official Course: Planning A Server Upgrade and Migration
30 pages
FARIGITIS - JURNAL, Edward
No ratings yet
FARIGITIS - JURNAL, Edward
8 pages
Nim. 4163322004 Chapter Iii
No ratings yet
Nim. 4163322004 Chapter Iii
19 pages
Low Methionine Recipes
No ratings yet
Low Methionine Recipes
8 pages
Unit 5 HRM in Retailing: 1. Societal Objectives
No ratings yet
Unit 5 HRM in Retailing: 1. Societal Objectives
20 pages
2023 10 23 en
No ratings yet
2023 10 23 en
4 pages
The Unicorn in The Garden - Moral
100% (1)
The Unicorn in The Garden - Moral
1 page
Chapter 5. Evolution: Object-Oriented Database Systems
No ratings yet
Chapter 5. Evolution: Object-Oriented Database Systems
37 pages
Compensation Management: Performance and Reward Management Kmbnhr04
No ratings yet
Compensation Management: Performance and Reward Management Kmbnhr04
19 pages
Date Seeds: A Novel and Inexpensive Source of Dietary Fiber: Abstract
No ratings yet
Date Seeds: A Novel and Inexpensive Source of Dietary Fiber: Abstract
4 pages
Keane, W. Rotting Bodies - The Clash of Stances Toward Materiality and Its Ethical Affordances PDF
No ratings yet
Keane, W. Rotting Bodies - The Clash of Stances Toward Materiality and Its Ethical Affordances PDF
10 pages
Clevo D610S D620S D630S Notebook
No ratings yet
Clevo D610S D620S D630S Notebook
91 pages
Wearable Microstrip Patch Antennas With Different Flexible Substrates
No ratings yet
Wearable Microstrip Patch Antennas With Different Flexible Substrates
6 pages
The Story of Yusuf AS
No ratings yet
The Story of Yusuf AS
70 pages
The Economist April 13th 2024
No ratings yet
The Economist April 13th 2024
341 pages
Sap Production From Khejur Palm Phoenix Sylvestris Roxb Husbandry A Substantial Means of Seasonal Livelihood in Rural Bangladesh
No ratings yet
Sap Production From Khejur Palm Phoenix Sylvestris Roxb Husbandry A Substantial Means of Seasonal Livelihood in Rural Bangladesh
15 pages
Statistical Data SSC 1ST Annual 2024 Bise Multan
100% (1)
Statistical Data SSC 1ST Annual 2024 Bise Multan
18 pages
UG Zoology Syllabus NEP 2020
No ratings yet
UG Zoology Syllabus NEP 2020
51 pages
Migration to IP Based Networks-30.06.2014
No ratings yet
Migration to IP Based Networks-30.06.2014
45 pages
Weekly-sales-activity-report
No ratings yet
Weekly-sales-activity-report
6 pages
Eeprom Avr
No ratings yet
Eeprom Avr
3 pages
Am - Recitation of Mantras
No ratings yet
Am - Recitation of Mantras
5 pages
Availability of Bauxite Reserves: F. M. Meyer
No ratings yet
Availability of Bauxite Reserves: F. M. Meyer
12 pages
Role of The Executive Magistrate Under The CRPC
No ratings yet
Role of The Executive Magistrate Under The CRPC
3 pages
Tugas 1 PKM 02112022
No ratings yet
Tugas 1 PKM 02112022
4 pages
TPR514 Lec 8 Planning Guideline
No ratings yet
TPR514 Lec 8 Planning Guideline
14 pages
Types of Inheritance
No ratings yet
Types of Inheritance
14 pages