Improving Access Management Security

Course Overview

Enhancing Intelligent Access
0%
Improving Access Management Security
0%
- Student Guide
- Workbook
- Virtual Exercise Environment
- Increasing Authentication Security
- Describe MFA
  0%
- Register a device
  0%
- Include recovery codes
  0%
- Examine OATH authentication
  0%
- Demo: Implement TOTP authentication
  0%
- Lab: Implement TOTP authentication
- Demo: Implement HOTP authentication
  0%
- Lab: Implement HOTP authentication
- Examine Push notification authentication
  0%
- Demo: Examine the push notification mechanism
  0%
- Lab: Implement Push notification authentication
- Implement passwordless WebAuthn
  0%
- Demo: Implement passwordless WebAuthn
  0%
- Lab: Implement passwordless WebAuthn
- Examine HOTP authentication using email or SMS
  0%
- Demo: Implement HOTP authentication using email
  0%
- Lab: Implement HOTP authentication using email or SMS
- Modifying a User's Authentication Experience Based on Context
- Introduce context-based risk analysis
  0%
- Describe device profile nodes
  0%
- Demo: Examine the use of device nodes
  0%
- Determine the risk based on the context
  0%
- Demo: Use a browser context change script
  0%
- Lab: Implement a browser context change script
  0%
- Lock and unlock accounts
  0%
- Demo: Implement account lockout
  0%
- Lab: Implement account lockout
- Checking Risk Continuously
- Introduce continuous contextual authorization
  0%
- Describe step-up authentication
  0%
- Demo: Implement step-up authentication flow
  0%
- Lab: Implement step-up authentication flow
- Describe transactional authorization
  0%
- Demo: Implement transactional authorization
  0%
- Lab: Implement transactional authorization
- Demo: Prevent users from bypassing the default tree
  0%
- Lab: Prevent users from bypassing the default tree
- Knowledge Check
- Knowledge Check - Improving Access Management Security
Extending Services Using OAuth2-Based Protocols
0%
Federating Across Entities Using SAML2
0%
Installing and Deploying AM
0%

Not yet accessed

Student Guide

Improving Access Management Security

This student guide contains your slides and instructor notes.

Access with a Pass

Not yet accessed

Workbook

Improving Access Management Security

Your workbook contains all your exercise instructions and should be used together with your exercise environment.

Access with a Pass

Not yet accessed

Virtual Exercise Environment

Improving Access Management Security

This brings you to your virtual exercise environment where you can complete your exercises using your workbook. Your lab exercises are chapter-based.

Access with a Pass

Increasing Authentication Security

Describe MFA

Describe MFA mechanisms and list the authentication mechanisms supported in AM.

credentials push WebAuthN oath authentication (4 more)

Examine how users can register a device for MFA.

nodes registration tree

Include recovery codes

Describe recovery codes and how to use them in a tree.

collector recovery nodes trees display node

Examine OATH authentication

Describe OATH authentication and how to integrate it in a tree.

totp oath authentication HOTP tree (3 more)

Demo: Implement TOTP authentication

Demonstrate how to implement TOTP authentication.

tree forgerock authenticator totp validate integrate (1 more)

Access with a Pass

Lab: Implement TOTP authentication

<p>Lab: Implement TOTP authentication</p>

forgerock authenticator lab exercise TOTP

Demo: Implement HOTP authentication

<p>Demonstrate how to implement HOTP authentication.</p>

HOTP tree

Access with a Pass

Lab: Implement HOTP authentication

Implement OATH authentication using the HMAC-based one-time password (HOTP) algorithm.

lab exercise HOTP tree

Examine Push notification authentication

Describe Push notification authentication and how to integrate it in a tree.

notification push authentication tree nodes

Demo: Examine the push notification mechanism

Demonstrate the push notification mechanism.

push tree nodes

Access with a Pass

Lab: Implement Push notification authentication

Implement Push notification authentication.

push lab exercise tree nodes

Implement passwordless WebAuthn

Describe WebAuthn and how to integrate it in a tree.

WebAuthN fido2 trees nodes

Demo: Implement passwordless WebAuthn

Demonstrate how to implement passwordless WebAuthn.

nodes WebAuthN passwordless trees

Access with a Pass

Lab: Implement passwordless WebAuthn

Implement passwordless authentication with WebAuthn.

WebAuthN lab exercise trees nodes passwordless

Examine HOTP authentication using email or SMS

Describe HOTP authentication and how to integrate it in a tree.

authentication HOTP tree

Demo: Implement HOTP authentication using email

Demonstrate how to implement HOTP authentication using email.

tree OPT

Access with a Pass

Lab: Implement HOTP authentication using email or SMS

Implement HOTP authentication using email or SMS.

lab exercise tree OPT

Modifying a User's Authentication Experience Based on Context

Introduce context-based risk analysis

Describe how AM can take into account the context of an authentication request in order to make ...

access risk authentication analyze

Describe device profile nodes

Describe the device profile nodes and the related authentication mechanisms.

application location nodes Integration

Demo: Examine the use of device nodes

Demonstrate the use of device nodes.

application location nodes Integration

Determine the risk based on the context

Determine the risk based on the context using Scripted Decision nodes.

risk Data storage tree analysis

Demo: Use a browser context change script

Demonstrate how to use a script to adapt a tree if the browser context changes.

tree authentication identity store

Lab: Implement a browser context change script

Configure a tree that compares the browsers used from one login to the next.

tree authentication lab access identity store

Lock and unlock accounts

Implement account lockout to mitigate brute force attacks.

risk Account lockout tree brute force attacks

Demo: Implement account lockout

Demonstrate how to implement account lockout with the Account Lockout node.

risk Account lockout tree brute force attacks

Access with a Pass

Lab: Implement account lockout

Configure account lockout using a Retry Limit Decision node and an Account Lockout node.

risk Account lockout lab exercise tree brute force attacks

Checking Risk Continuously

Introduce continuous contextual authorization

Introduce the concept of continuous contextual authorization and session upgrade.

authorization entitlements access policy conditions

Describe step-up authentication

Describe the step-up authentication flow and observe the related policy evaluation response.

policy authentication

Demo: Implement step-up authentication flow

Demonstrate how to implement step-up authentication with a policy with advice.

policy tree

Access with a Pass

Lab: Implement step-up authentication flow

Explain how step-up flow works and how to configure it.

policy lab exercise tree

Describe transactional authorization

Describe the transactional authorization flow and observe the related policy evaluation request and ...

transactional authorization policy

Demo: Implement transactional authorization

Demonstrate how to implement transactional authorization with a policy with advice.

policy authorization tree

Access with a Pass

Lab: Implement transactional authorization

Implement transactional authorization.

policy lab exercise authorization tree

Demo: Prevent users from bypassing the default tree

Demonstrate how to prevent users from bypassing the default tree by protecting higher risk access ...

secure mfa tree

Access with a Pass

Lab: Prevent users from bypassing the default tree

Prevent users from changing the URL and bypassing the default tree.

mfa lab exercise tree secure

Knowledge Check

Access with a Pass

Knowledge Check - Improving Access Management Security

Test your knowledge of this chapter in a series of short quizzes to enhance your learning!

lab exercise

Next chapter: Extending Services Using OAuth2-Based Protocols