Play the role of an analyst for Sitting Duck Shipping, a fictional mid-sized company looking to modernize its authentication and authorization stack by moving away from easy-to-forget, easy-to-steal passwords. Your task is to build a proof-of-concept for the new stack, collect information, and put together a project proposal. In this series of liveProjects, you’ll set up the environment for the proof-of-concept, establish multi-factor authentication (MFA), establish single sign-on to reduce the number of required passwords, and implement secure, passwordless authentication. As a result of your efforts, Sitting Duck Shipping’s end users will enjoy increased security and an improved login experience.
Play the role of an analyst at Sitting Duck Shipping, a fictional mid-sized company that wants to modernize its authentication and authorization stack. Its goal is to reduce support time spent on password resets and improve the end-user experience, ultimately reducing the risk of account takeovers while maintaining security and compliance. Your task is to set up the proof-of-concept environment for this project.
Protect the Sitting Duck Shipping company from password theft—the most common type of security breach. In this liveProject, you’ll arm the company’s lab environment against these types of attacks by enabling multi-factor authentication (MFA) for IaaS, the server, and the web application. To provide your best recommendation to the company, you’ll evaluate various algorithms and factors that can be used to set up its MFA.
Set up single sign-on (SSO) for the Sitting Duck Shipping company to simplify its password management—a process that typically requires a business employee to manage more than a hundred passwords for various web applications. You’ll configure SSO for AWS, Linux, and WordPress, establishing seamless secure logins. During this liveProject, you’ll identify and strengthen weak points in the infrastructure and keep potential attacks at bay with the appropriate countermeasures.
Your task as an analyst for the Sitting Duck Shipping company is to enable FIDO2 (WebAuthn and CTAP). To do that, you’ll configure the learner’s hardware as the authenticator and configure WordPress to accept WebAuthn authentication. By implementing biometric authentication, you’ll bring a new level of security and satisfaction to the login experience for the company’s users.
These liveProjects are for security professionals who want hands-on experience implementing passwordless authentication, and for software developers who want to better understand modern authentication. To begin these liveProjects you will need to be familiar with the following:TOOLS
Notes: The AWS instance could cost some money if you have already used up your free tier.
In these liveProjects, you’ll learn how to implement the different authentication methods to build a more secure and user-friendly environment for modern cloud infrastructure.
geekle is based on a wordle clone.