Securing User Accounts: Fundamental Security Concepts

Individuals such as network administrators, programmers, risk managers, and other key individuals interested in establishing and maintaining secure user account policies and practices

Prerequisite
None

Expected Duration
156 minutes

Description
Online user accounts, when not properly secured, are one of easiest entry points for savvy hackers. In this course, you’ll learn about the fundamental security concepts of authenticity, integrity, and confidentiality, and what role they play in establishing effective user account policies. You’ll also learn why and how most common user account breaches happen. Finally, this course covers some general security practices, such as privilege management, permissions, and account settings, to help protect against potential intrusions via user accounts.

Objective

Key User Account Security Concepts

  • start the course
  • identify the purpose and requirement for secure user account controls
  • describe characteristics of the fundamental security concept of authenticity as it relates to securing user accounts
  • describe characteristics of the fundamental security concept of integrity as it relates to securing user accounts
  • describe characteristics of the fundamental security concept of confidentiality as it relates to securing user accounts

Understanding Attacks

  • describe goals and motives for user account security attacks
  • distinguish between the different phases of a security attack
  • identify characteristics of username enumeration
  • identify characteristics of Cross-Site Request Forgery or CSRF
  • distinguish between the different types of web server password cracking techniques

General Prevention Practices

  • identify best practices for performing vulnerability scanning to prevent user account compromise
  • identify best practices for patching and updating to prevent user account compromise
  • identify best-practice network protocols to protect against general security attacks
  • identify best-practice account protocols to protect against user account security attacks
  • identify best practices for event logging as a method for identifying and preventing account security breaches

Guiding Security Principles

  • describe best practices for applying the security principle of least privilege in secure user account management
  • describe best practices for applying defense in depth strategy in secure user account management

Essential User Account Policies

  • distinguish between users, groups, and role structures for privileges
  • distinguish between the different access permissions categories available to assign to account users
  • identify characteristics and best practices of implementing appropriate naming convention restrictions for user accounts
  • identify characteristics and best practices for limiting logon attempts as a restriction for user accounts
  • identify best practices for setting account expiry dates
  • identify best practices for disabling unused user accounts
  • identify best practices for setting time restrictions on user accounts
  • identify best practices for setting machine restrictions on user accounts

Practice: Create User Account Protection Policies

  • identify appropriate user account security policies and practices

MONTHLY SUBSCRIPTION

$129/month
 

ANNUAL SUBSCRIPTION

$1295/year

Multi-license discounts available for Annual and Monthly subscriptions.