Course info
Nov 7, 2017
1h 33m

Pluralsight is not an official partner or accredited training center of EC-Council. Preventing malware and malicious users from gaining access is the first line of defense to secure your IT environment. In this course, Network Access and Authentication, you'll learn how to control access to your network. First, you'll be introduced to authentication factors and access control models. Next, you'll explore authentication protocols and when they should be used. Finally, you'll discover how to implement network security from authentication through to authorization. By the end of this course, you'll know how to protect your digital assets with secure authentication mechanisms. Software required: Windows Server 2016 and Red Hat Enterprise Linux 7.

About the author
About the author

Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.

More from the author
Managing Microsoft Azure Subscriptions
1h 59m
Jul 16, 2019
More courses by Daniel Lachance
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hey everyone, I'm Dan Lachance, and welcome to my course Network Access and Authentication. Preventing malware and malicious users from gaining network access is the first line of defense in securing your IT environment. Network access control can use a variety of different authentication protocols that really depend on your security requirements. Access control models then determine access to specific resources. Some of the major topics that we're going to cover include defining authentication, authorization, and accounting. We will talk about authentication protocols and when they should be used. And finally, we'll talk about techniques used to secure network traffic. So by the end of this course, you'll understand how to control network and resource access while protecting communications using techniques like encryption. I hope you'll join me to learn about network access and authentication here at Pluralsight.

Authentication and Authorization
The first offense in protecting digital assets is to control who can access the network in the first place. Hi, I'm Dan Lachance. Welcome to Network Access and Authentication. We're going to be focusing on authentication and authorization. Now this is often called the three A's, where it includes not only authentication and authorization, but also accounting. We'll talk about the principle of least privilege to control permissions. We'll talk about separation of duties. We'll talk about role-based access control, or RBAC models, for the assignment of permissions to authorize resource access. And finally, we'll then talk about network access control mechanisms.

Authentication Protocols
Authentication protocols are used to prove the identity of a user, an application or a device and some are stronger than others. In this module we'll take a look at some commonly used authentication protocols and how they fit into network access control. So, we're going to begin then by talking about common authentication protocols, things like the Microsoft Challenge Handshake Authentication Protocol, Extensible Authentication Protocol and others. We'll then tie that into network access control specifically with the Windows Network Policy Server solution which can be used to determine whether or not network access is granted when coming in through VPNs, coming in through 802. 1x compliant wireless routers, network switches and so on.

Securing Network Traffic
Hello, and welcome to our discussion about securing network traffic. I'm Dan Lachance, and in this module, the focus really will be on how to secure transmitted network traffic. Specifically we're going to start by talking about protecting data in transit which includes not only encryption but authenticating of the communication parties. Then we'll talk about pretty good service through PGP which allows for the encryption of things like files and email messages. We'll talk about SSL and its successor TLS and how they can be used to protect application-specific traffic. And we'll focus on the application of HTTP and its secured counterpart HTTPS. Finally we'll talk about how IPsec can be used in various modes to protect traffic.