9781111640125_IM_ch10

Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals, Fourth Edition

Chapter 10
Authentication and Account Management

At a Glance

Instructor's Manual Table of Contents
  Overview
  Objectives
  Teaching Tips
  Quick Quizzes
  Class Discussion Topics
  Additional Projects
  Additional Resources
  Key Terms
Lecture Notes

Overview

Advanced techniques for verifying the identities of network users continue to increase in both accuracy and ease of implementation. The need for these advanced techniques is being driven by the increased number of attacks on simple password systems. The chapter deals with the different types of authentication credentials and then explains the basic capabilities of single sign-on systems and the advanced credential management needed when you use such systems, or simply to manage the ever-increasing number of credentials that users hold.

Chapter Objectives

  Describe the three types of authentication credentials
  Explain what single sign-on can do
  List the account management procedures for securing passwords
  Define trusted operating systems

Teaching Tips

Authentication Credentials

1. Explain that authentication can be based on what a user knows (such as a password), what a user has (like a token or a card), or what a user is (biometrics).
2. Use Figure 10-1 to illustrate authentication credentials.

What You Know: Passwords

1. Define password as a secret combination of letters, numbers, and/or characters that only the user should know.
2. Note that passwords are the most common type of authentication today.
3. Emphasize that despite their widespread use, passwords provide only weak protection.

Password Weaknesses

1. Explain that the weakness of passwords centers on human memory.
2. Discuss the challenges that passwords present to the human memory.
   a. Long and complex passwords can be difficult to memorize.
   b. There are many different passwords to remember because users have so many accounts.
   c. Security policies that mandate password expiration exacerbate these problems.
3. Discuss the shortcuts that people take with passwords, including weak passwords and reusing passwords.

Attacks on Passwords

1. Discuss the attacks that can be used against a password:
   a. Social engineering
   b. Capturing
   c. Resetting
   d. Online guessing
   e. Offline cracking
2. Discuss the parameters that can be used in brute force attacks:
   a. Password length
   b. Character set
   c. Language
   d. Pattern
   e. Skips
3. Explain that a dictionary attack begins with the attacker creating encrypted versions of common dictionary words, and then comparing them against those in a stolen password file.