Tracking Usage and Access

Loading...

来自 Google 的课程

IT Security: Defense against the digital dark arts

1269 个评分

Google

IT Security: Defense against the digital dark arts

1269 个评分

课程 5（共 5 门，Specialization Google IT Support Professional Certificate）

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: Authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: - how various encryption algorithms and techniques work and their benefits and limitations. - various authentication systems and types. - the difference between authentication and authorization. At the end of this course, you’ll be able to: - evaluate potential risks and recommend ways to reduce risk. - make recommendations on how best to secure a network. - help others to understand security concepts and protect themselves.

从本节课中

AAA Security (Not Roadside Assistance)

In the third week of this course, we'll learn about the "three A's" in cybersecurity. No matter what type of tech role you're in, it's important to understand how authentication, authorization, and accounting work within an organization. By the end of this module, you'll be able to choose the most appropriate method of authentication, authorization, and level of access granted for users in an organization.

Tracking Usage and Access3:01

Rob Important Skills in Security1:37

与讲师见面

Google

Last but not least,

the final A of the Triple A's of security is Accounting.

This means, keeping records of what resources and services

your users access or what they did when they were using your systems.

A critical component of this is auditing,

which involves reviewing these records to ensure that nothing is out of the ordinary.

If we're watching and recording usage of our systems,

but never actually checking the usage data,

that's not super useful.

So what exactly do counting systems keep track of?

Well, that depends on the purpose and intent of the system.

For example, a TACACS+ server would be

more concerned with keeping track of user authentication,

what systems they authenticated to,

and what commands they ran during their session.

This is because TACACS+ plus is

a device access AAA system that manages

who has access to your network devices and what they do on them.

CISCO's AAA system supports accounting of individual commands executed,

connection to and from network devices,

commands executed in privileged mode,

and network services and system details like configuration reloads or reboots.

RADIUS will track details like session duration,

client location and bandwidth,

or other resources used during the session.

This is because radius is a network access AAA system.

So it tracks details about network access and usage.

RADIUS accounting kicks off with the Network Access Server sending

an accounting request packet to

the accounting server that contains an event record to be logged.

This starts the accounting session on the server.

The server replies with an accounting response indicating that the message was received.

The NASS will continue sending periodic accounting messages with

statistics of the session until an accounting stop packet is received.

RADIUS accounting can be used for billing purposes by ISPs because

it records the length of a session and the amount of data sent and received by the user.

This data can also be used to enforce data or time quotas,

limiting the duration of sessions or

restricting the amount of data that can be sent or received.

But, this accounting information isn't detailed and won't

contain specifics of what exactly the user did during the session.

Information like websites visited or what protocols were used aren't recorded.

Other logging utilities that will cover later meet that use case.

Wow. Okay. We covered a lot in this module.

Great work. Take the time to go over anything that may have been a little dense.

When you're ready, we've got a project for you that will test you on authentication,

authorization, and accounting system concepts.

Once that's done, you can head to the next video,

where we'll dive into network security, monitoring, and logging.

探索我们的目录

免费加入并获得个性化推荐、更新和优惠。

Coursera 致力于普及全世界最好的教育，它与全球一流大学和机构合作提供在线课程。

© 2018 Coursera Inc. 保留所有权利。

通过 App Store 下载

通过 Google Play 获取