Kerberos authentication in Windows domains

Understand, configure, troubleshoot, secure and monitor Kerberos authentication protocol in Windows domains.

Ratings: 3.58 / 5.00




Description

The course provides refined, standardized and verified information that cannot be found in any other single source publicly available. It does not contain engaging labs or tasks, but only demonstrations. The content is heavily condensed and it will take significantly more than 3 hours to absorb it. You will need a high level of motivation to be able to complete the course and digest the information so that it can be applied practically. At the end of each section, there is a review with multiple-choice questions and explanations. Download and use the course transcript instead of taking notes and follow the references for digging deeper in topics of interest.


The course will introduce you to Microsoft implementation of Kerberos authentication protocol and its benefits, terminology, concepts, and service infrastructure. It will then explain how Kerberos works through detail and step-by-step examination of the ticketing system and communication messages in various configurations using flow diagrams and network traffic analyzer to get better understanding of the processes. Understanding how Kerberos works will help you with troubleshooting complex problems and reduce stress.


We will walk through the configuration of the most common Microsoft applications such as IIS, SQL, Exchange, and file servers, including multi-hop setups and mid-tier service integration, discuss impersonation, review delegation options, and see why some of these options are not so secure. We will also learn how to Kerberize non-Windows services so they can benefit from Kerberos security and convenience of SSO.


Then we will dive into troubleshooting issues, go through a checklist so we don’t miss most common misconfigurations and we will look into specific troubleshooting examples. We will also examine Kerberos vulnerabilities and the most common attacks, such as Kerberoasting and Golden and Silver Tickets and talk about how to prevent and detect compromise. Finally, we will look into relevant monitoring and alerting options and learn how to use these for detecting malicious activity.

What You Will Learn!

  • Improve Windows domain and service security by using Kerberos authentication.
  • Learn Kerberos terminology, concepts and benefits.
  • Understand how Kerberos authentication works and why it is preferred authentication protocol.
  • Configure Kerberos authentication in a secure way for multi-tier applications.
  • Resolve Kerberos authentication problems using Network Monitor and analytical thinking.
  • Secure and monitor Kerberos infrastructure and communications.

Who Should Attend!

  • This course is designed for highly motivated Windows system administrators, .Net developers, database administrators and cybersecurity specialists willing to deepen their knowledge and understanding of authentication protocols.
  • Anyone interested in authentication protocols will benefit from good understanding of Kerberos, but will reqiure a high level of motivation to complete the course.