IT networks face increasing threats from both inside and outside your organization. Traditional perimeter defenses can miss insider threats, such as password leaks and fraud due to staff complacency, as well as external online threats such as zero-day attacks. To limit the presence of these threats, many IT departments are using identity and access management (IAM) solutions. In this course, The Issues of Identity and Access Management (IAM), you'll learn to look at IAM from the perspective of the issues that it can create for your organization. First, you'll dive into OAuth/OpenID and where the weaknesses are. Next, you'll explore SSO and federations. Finally, you'll learn how to set up a hacking environment using the AutoLab. When you're finished with this course, you'll be able to look at your IAM solution and see if you're protecting yourself, as well as your users.
Dale Meredith received his Certified Ethical Hacker and Certified EC-Council Instructor certifications back in 2006, as well as being a Microsoft Certified Trainer since 1998 (yes, we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.
Course Overview
Hi everyone. My name is Dale Meredith, and I'd like to welcome you to my course, The Issues of Identity and Access Management. Now I've been a Microsoft trainer since 1998, and it goes back a ways, as well as a cyber security trainer since about 2004. I'm also currently a consultant for several different government agencies for cyber security. Now this course is actually part of a series that supports several different certifications, including GCIH and the new CSA+. Now let me ask you a question, how many user accounts and passwords do you have in your life? Anyone, anyone, Bueller, Bueller. The average is about 118 accounts. Can you believe that? I actually did an inventory of mine and I have almost 150. In this course, we're going to talk about the differences between some of the solutions that are being used, as well as the weaknesses that they might actually cause. Now I'm not going to leave you hanging. I never do. I'll tell you some of the cool ways that we can strengthen the use of some of these solutions, such as, you know, not writing down a password on a Post-it note. Now some of the topics that we'll cover will include things like OAuth and OpenID and where the weaknesses in their technologies lie. We'll also look at things like SSO, as well as federations, and I'll even go through and show you how to set up a hacking environment that is not only quick, but easy to deploy using our auto labs so that you can test some of these weaknesses. By the end of this course, you'll be able to look at your IAM solution and see if you're protecting yourself, as well as your users. You'll also be a couple of steps closer in taking exams with the knowledge that you get from within this course, you know those CSA+, the GCIH, and ECIH. Now before beginning this course, you should have a somewhat basic knowledge of network technologies, including things like routers, and switches, and maybe even a little bit of Active Directory.
After you watch this course, from here you should be able to feel comfortable in diving into some other courses within the series or even branching out and looking at the ethical hacking series. I hope that you'll join me in this adventure in learning with the Issues of Identity and Access Management course here, at Pluralsight.
Managing Your Secret Identity
Okay, since we're all IT superheroes, we know we need to manage our secret identities and that's what we're going to talk about in this module. Actually, I won't get into the superhero stuff, but I am going to take you guys down the road or the aspect of looking at digital IDs, how we handle them, where they're being stored. We'll also take a look at endpoints and the servers that are involved when we're using our credentials. And then we'll go in and take a look at services and applications as well. So let's take off our masks and our capes and take a look at our secret identities.
Other Authentication Methods
Okay, when it comes to IAM, let's talk about some Other Authentication Methods that we can actually use. In this particular module, we're going to go through and take a look at several options or several things. One of them is going to be starting off with understanding that there are basically just two classes when it comes to IAM. We'll also take a look at some protocols. In particular, we'll focus in on the ones that are important for you for your immediate future. You may hear me use that phrase, immediate future, it's because as a trainer I'm not allowed to tell you what may or may not be on an exam, but you may want to break out the highlighter when I make that phrase, but we'll be looking at both RADIUS and TACACS+. We'll then go through and talk about some of the problems and solutions for context-based authentication. And then we'll go through and focus in on looking at both single sign-on, or SSO, as well as federations. And then finally, we'll end up this module by taking a look at our self-service password resets. I know you guys all know what those are, but I want to make sure that you understand how we can make sure that we've protected ourselves. Sometimes these particular services actually end up opening some real nightmares for us. So let's get started.
Identity Repositories
Okay, so in this module, we're going to take a look at the Identity Repositories and how attackers might come after them. We'll first take a look at what I refer to as the six areas that are potential attack vectors. Then we'll get into some detail and talk about how attackers go after LDAP, as well as going after OAuth and OpenID. And because a lot of authentication mechanisms today deal with Kerberos, we'll take a look at the different attack vectors that it presents, as well as the attack vectors in RADIUS, and of course, since most of our products are Windows based, we'll look at going after Active Directory. We'll then go through and finally take a look at how we can stop some common exploits from taking place on our network. So let's get going by taking a look at the six areas.
Building the Lab
Okay, this is exciting stuff, and what I mean by that is building the lab, this particular module, I want you to kind of flag this one because we'll be able to use these labs or the setup here that we're about to show you in multiple courses, including courses maybe that you're not even watching that belong to me. But if you watch anybody else's courses, I'll actually have to hunt you down. So that's what we want to get into is showing you how to build this up. It is extremely easy and effective. So in this module, we're going to go through and make sure that you understand the Pluralsight AutoLab setup. We'll also go through and talk about the lab structure, what it does for you. It's really quite amazing. It's going to build up four machines for you automatically. We'll then take a look at the AutoLab requirements, as well as the aspect of some of you guys may decide to do nested virtualization. This is where we have maybe a core server or a core box that's running Hyper-V on it and we fire up an actual server inside of Hyper-V and then we load the virtualization inside the virtualized box. We'll then go through and we'll just talk about how to deploy the AutoLab. I'm going to step you guys through this all the way. Trust me. This is so easy, it's not even funny. And then of course, we'll take a look at after we've deployed the AutoLab on how to use the AutoLab. Sounds like I'm talking about an auto shop course here, doesn't it, AutoLab. We'll go through and change the oil. No, not really. So let's jump in because this is way exciting.
Let's Look at the Exploits
Okay, so let's take a look at some of the exploits that we've talked about and that can be susceptible to our IAM environments. In this particular module, we're going to go through and take a look at first of all the concept of DNS spoofing and how easy it's done and the many places that it can actually be done at. We'll then take a look at something called session hijacking, as well as a man-in-the-middle attack and how to do privilege escalation. Now one thing I want to make sure you understand before we get going here, please don't do this in your production environment. Instead, I want to make sure that you've set up your AutoLab. If you haven't, please go back to the previous module and install the AutoLab so that you can confidently play around with these tools without actually doing any type of damage. So fire up the VMs and let's get going here.