Certified Cybersecurity Technician - Module 04 - Identification, Authentication and Authorization - Lab (EC-Council) (Z-Library)

📄 File Format: PDF

💾 File Size: 6.6 MB

📖 Read Online ⬇️ Download

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1

Copyrights @ 2022 EC-Council International Ltd. 1Certified Cybersecurity Technician CERTIFIED CYBERSECURITY TECHNICIAN CHAPTER 4 IDENTIFICATION, AUTHENTICATION, AND AUTHORIZATION

📄 Page 2

Copyrights @ 2022 EC-Council International Ltd. 2Certified Cybersecurity Technician INDEX Chapter 4: Identification, Authentication, and Authorization Exercise 1: Implement Access Controls in Windows Machine Exercise 2: Manage Access Controls in Linux Machine Exercise 3: Implement Role-Based Access Control in Windows Admin Center (WAC) Exercise 4: Implement Centralized Authentication Mechanism 05 35 57 86

📄 Page 3

Copyrights @ 2022 EC-Council International Ltd. 3Certified Cybersecurity Technician SCENARIO The most serious risk faced by organizations involves unauthorized access to sensitive data. To control data breach events, organizations require strong identification, authentication, and authorization mechanisms to effectively manage the access to critical assets and sensitive data. The labs in this module will provide real-time experience in using the various methods and techniques employed for the identification, authentication, and authorization of users who access critical assets and resources. OBJECTIVE The objective of this lab is to provide expert knowledge in identifying, authenticating, and authorizing users who access critical assets and resources. This lab includes the following tasks: • Implementation of access control policies in Windows and Linux machines • Implementation of role-based access control using tools such as Windows Admin Center (WAC) • Implementation of centralized authentication using Windows utilities OVERVIEW OF IDENTIFICATION, AUTHENTICATION AND AUTHORIZATION Identification deals with confirming the identity of a user, process, or device accessing the network. User identification is the most commonly used technique for authenticating the users in the network and applications. Authentication involves verifying the credentials provided by a user while attempting to connect to a network. Both wired and wireless networks perform authentication of users before allowing them to access the resources in the network. Authorization refers to the process of providing permission to access the resources or perform an action on the network. Admin can decide the user privileges and access permissions of users on a multiuser system.

📄 Page 4

Copyrights @ 2022 EC-Council International Ltd. 4Certified Cybersecurity Technician LAB TASKS Cyber security professionals or a security professionals use numerous tools and techniques to implement access control policies. The recommended labs that will assist you in learning various identification, authentication and authorization techniques include: Note: Turn on PfSense Firewall virtual machine and keep it running throughout the lab exercises. Implement Access Controls in Windows Machine01 Implement Role-Based Access Control in windows Admin Center (WAC)03 Manage Access Controls in Linux Machine02 Implement Centralized Authentication Mechanism04

📄 Page 5

Copyrights @ 2022 EC-Council International Ltd. 5Certified Cybersecurity Technician EXERCISE 1: IMPLEMENT ACCESS CONTROLS IN WINDOWS MACHINE Access control is a method of limiting the access of an organization’s resources for the users. LAB SCENARIO A security professional must have the required knowledge to manage objects in the Active Directory using different types of accounts and know the application of account policies using GPO in Windows machine. OBJECTIVE This lab demonstrates the implementation of access control policies in Windows machine. OVERVIEW OF ACCESS CONTROL An access control function uses identification, authentication, and authorization mechanisms to identify, authenticate, and authorize the user who requests access to a specific resource. The access permissions determine the approvals or permissions provided to a user for accessing a system and other resources. A crucial aspect of implementing an access control is to maintain the integrity, confidentiality, and availability of information.

📄 Page 6

Copyrights @ 2022 EC-Council International Ltd. 6Certified Cybersecurity Technician Note: Ensure that PfSense Firewall virtual machine is running. 1. Turn on the AD Domain Controller virtual machine. 2. In the AD Domain Controller virtual machine, log in with the credentials CCT\Administrator and admin@123. Note: The networks screen appears, click Yes. Note: If a Shutdown Event Tracker window appears, click Cancel. 3. Before implementing access control policies, we will first examine the properties of the current Administrator account. 4. Click Start icon on the Desktop, right-click Windows PowerShell and navigate to More Run as administrator. Note: If User Account Control pop-up appears, click Yes to continue. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 7

Copyrights @ 2022 EC-Council International Ltd. 7Certified Cybersecurity Technician E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E 5. In the PowerShell, type whoami /user and press Enter to display the details regarding Security ID (SID) and other additional information of the current user. Note: User accounts are identified in the system by their unique numbers. In Windows, this number is the Security Identifier (SID). In Linux, it is the User Identifier (UID).

📄 Page 8

Copyrights @ 2022 EC-Council International Ltd. 8Certified Cybersecurity Technician 6. Now, type get-aduser -identity administrator -properties * and press Enter to display user account information. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 9

Copyrights @ 2022 EC-Council International Ltd. 9Certified Cybersecurity Technician 7. Minimize the Administrator: Windows PowerShell window. 8. Click Start icon in the Desktop, click Server Manager. 9. The Server Manager window appears, click Tools option at the top right corner of the window and select Active Directory Users and Computers option. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 10

Copyrights @ 2022 EC-Council International Ltd. 10Certified Cybersecurity Technician 10. Right-click CCT.com domain and navigate to New → Organizational Unit. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 11

Copyrights @ 2022 EC-Council International Ltd. 11Certified Cybersecurity Technician 11. New Object - Organizational Unit pop-up appears, type NetworkAdmin in the Name field and click OK. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 12

Copyrights @ 2022 EC-Council International Ltd. 12Certified Cybersecurity Technician 12. Right-click NetworkAdmin Organizational Unit, navigate to New → User. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 13

Copyrights @ 2022 EC-Council International Ltd. 13Certified Cybersecurity Technician 13. The New Object - User window appears, enter the following details and click Next: • First name: IT • Last name: Head • User logon name: IT_Head E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 14

Copyrights @ 2022 EC-Council International Ltd. 14Certified Cybersecurity Technician 14. Enter test@123 in both Password and Confirm Password fields. Uncheck User must change password at next logon and check Password never expires option. Click Next. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 15

Copyrights @ 2022 EC-Council International Ltd. 15Certified Cybersecurity Technician 15. In the next window, click Finish. 16. Now, we must create a global security group within the NetworkAdmin Organizational Unit. 17. Right-click NetworkAdmin Organizational Unit and navigate to New → Group. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 16

Copyrights @ 2022 EC-Council International Ltd. 16Certified Cybersecurity Technician 18. The New Object - Group window appears, type TechSupport in the Group name, leave all the other options set to default and click OK. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 17

Copyrights @ 2022 EC-Council International Ltd. 17Certified Cybersecurity Technician 19. Now, add the IT Head account to the TechSupport group. For this, right-click on IT Head and select Add to a group…. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 18

Copyrights @ 2022 EC-Council International Ltd. 18Certified Cybersecurity Technician 20. The Select Groups window appears, in the Enter the object names to select field, type Tech and click Check Names button. Then, the TechSupport name appears, click OK. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 19

Copyrights @ 2022 EC-Council International Ltd. 19Certified Cybersecurity Technician 21. A pop-up appears, indicating the successful addition of a user to the group. Click OK. E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E

📄 Page 20

Copyrights @ 2022 EC-Council International Ltd. 20Certified Cybersecurity Technician 22. Now, right-click FinanceOU Organizational Unit and navigate to New → Computer. 23. The New Object - Computer window appears, type Computer01 in the Computer Name field and click OK E X E R C IS E 1 : IM P LE M E N T A C C E S S C O N TR O LS IN W IN D O W S M A C H IN E