O Rzy 6 Opa 8 CAc CZ VQ IYf G5 PJ JGHG 8 HJ Su 2 UDu Up R1

Download as pdf or txt
Download as pdf or txt
You are on page 1of 126

CHAPTER 4

IDENTIFICATION, AUTHENTICATION,
AND AUTHORIZATION

CERTIFIED CYBERSECURITY TECHNICIAN


Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 1
INDEX
Chapter 4:
Identification, Authentication, and Authorization

05
Exercise 1:
Implement Access Controls in Windows Machine

35
Exercise 2:
Manage Access Controls in Linux Machine

57
Exercise 3:
Implement Role-Based Access Control in Windows Admin Center (WAC)

86
Exercise 4:
Implement Centralized Authentication Mechanism

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 2


SCENARIO
The most serious risk faced by organizations involves unauthorized access to sensitive data. To control data breach events, organizations require
strong identification, authentication, and authorization mechanisms to effectively manage the access to critical assets and sensitive data.
The labs in this module will provide real-time experience in using the various methods and techniques employed for the identification,
authentication, and authorization of users who access critical assets and resources.

OBJECTIVE
The objective of this lab is to provide expert knowledge in identifying, authenticating, and authorizing users who access critical assets and
resources. This lab includes the following tasks:

• Implementation of access control policies in Windows and Linux machines

• Implementation of role-based access control using tools such as Windows Admin Center (WAC)

• Implementation of centralized authentication using Windows utilities

OVERVIEW OF IDENTIFICATION, AUTHENTICATION AND AUTHORIZATION


Identification deals with confirming the identity of a user, process, or device accessing the network. User identification is the most commonly
used technique for authenticating the users in the network and applications.

Authentication involves verifying the credentials provided by a user while attempting to connect to a network. Both wired and wireless networks
perform authentication of users before allowing them to access the resources in the network.

Authorization refers to the process of providing permission to access the resources or perform an action on the network. Admin can decide the
user privileges and access permissions of users on a multiuser system.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 3


LAB TASKS
Cyber security professionals or a security professionals use numerous tools and techniques to implement access control policies. The
recommended labs that will assist you in learning various identification, authentication and authorization techniques include:

01 Implement Access Controls in Windows Machine


02 Manage Access Controls in Linux Machine

03 Implement Role-Based Access Control in windows


Admin Center (WAC) 04 Implement Centralized Authentication Mechanism

Note: Turn on PfSense Firewall virtual machine and keep it running throughout the lab exercises.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 4


EXERCISE 1: IMPLEMENT ACCESS CONTROLS IN WINDOWS MACHINE
Access control is a method of limiting the access of an organization’s resources for the users.

LAB SCENARIO
A security professional must have the required knowledge to manage objects in the Active Directory using different types of accounts and
know the application of account policies using GPO in Windows machine.

OBJECTIVE
This lab demonstrates the implementation of access control policies in Windows machine.

OVERVIEW OF ACCESS CONTROL


An access control function uses identification, authentication, and authorization mechanisms to identify, authenticate, and authorize the user
who requests access to a specific resource. The access permissions determine the approvals or permissions provided to a user for accessing a
system and other resources. A crucial aspect of implementing an access control is to maintain the integrity, confidentiality, and availability of
information.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 5


Note: Ensure that PfSense Firewall virtual machine is running.

1. Turn on the AD Domain Controller virtual machine.


2. In the AD Domain Controller virtual machine, log in with the credentials CCT\Administrator and admin@123.
Note: The networks screen appears, click Yes.
Note: If a Shutdown Event Tracker window appears, click Cancel.
3. Before implementing access control policies, we will first examine the properties of the current Administrator account.
4. Click Start icon on the Desktop, right-click Windows PowerShell and navigate to More Run as administrator.
Note: If User Account Control pop-up appears, click Yes to continue.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 6


5. In the PowerShell, type whoami /user and press Enter to display the details regarding Security ID (SID) and other additional information of
the current user.
Note: User accounts are identified in the system by their unique numbers. In Windows, this number is the Security Identifier (SID). In Linux, it
is the User Identifier (UID).
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 7


6. Now, type get-aduser -identity administrator -properties * and press Enter to display user account information.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 8


7. Minimize the Administrator: Windows PowerShell window.

8. Click Start icon in the Desktop, click Server Manager.

9. The Server Manager window appears, click Tools option at the top right corner of the window and select Active Directory Users and
Computers option.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 9


10. Right-click CCT.com domain and navigate to New → Organizational Unit.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 10


11. New Object - Organizational Unit pop-up appears, type NetworkAdmin in the Name field and click OK.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 11


12. Right-click NetworkAdmin Organizational Unit, navigate to New → User.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 12


13. The New Object - User window appears, enter the following details and click Next:
• First name: IT
• Last name: Head
• User logon name: IT_Head
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 13


14. Enter test@123 in both Password and Confirm Password fields. Uncheck User must change password at next logon and check Password
never expires option. Click Next.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 14


15. In the next window, click Finish.

16. Now, we must create a global security group within the NetworkAdmin Organizational Unit.

17. Right-click NetworkAdmin Organizational Unit and navigate to New → Group.


IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 15


18. The New Object - Group window appears, type TechSupport in the Group name, leave all the other options set to default and click OK.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 16


19. Now, add the IT Head account to the TechSupport group. For this, right-click on IT Head and select Add to a group….
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 17


20. The Select Groups window appears, in the Enter the object names to select field, type Tech and click Check Names button. Then, the
TechSupport name appears, click OK.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 18


21. A pop-up appears, indicating the successful addition of a user to the group. Click OK.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 19


22. Now, right-click FinanceOU Organizational Unit and navigate to New → Computer.

23. The New Object - Computer window appears, type Computer01 in the Computer Name field and click OK
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 20


24. Switch to the Administrator: Windows PowerShell window, type get-adcomputer -filter * | out-file C:\useraccounts.txt and press Enter to
create a detailed report of all computer objects in the domain.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 21


25. Now, navigate to C: drive to see if the useraccounts.txt file exists.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 22


26. Double-click useraccounts.txt file to see its content. You can view the newly created user account (Computer01), as shown in the
screenshot.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 23


27. Close all the windows, except Windows PowerShell.

28. Now, we shall modify the existing GPO to set password requirements.

29. To launch Group Policy Management, click Windows Start icon and navigate to Windows Administrative Tools → Group Policy
Management.
Note: Alternatively, you can launch Group Policy Management by typing gpmc.msc in Run. To open Run, right-click on Start and click Run.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 24


30. The Group Policy Management main window appears. Expand the Forest: CCT.com → Domains → CCT.com and select Default Domain
Policy, as shown in the screenshot.
Note: The Default Domain Policy is a single password policy that works for all members of a specific domain, it offers no flexibility to have
different password polices for different types of users. It is recommended to only use it for password management.

31. In the Group Policy Management Console, click OK.


IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 25


32. Right-click Default Domain Policy node and select Edit….
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 26


33. In the Group Policy Management Editor window, expand Computer Configuration → Policies → Windows Settings → Security Settings →
Account Policies. Click on Password Policy; the password policies will be listed in the right pane.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 27


34. You can view the default password policies that are listed in the right-pane, as shown in the screenshot.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 28


35. We must configure the policies to match the requirements given below. To edit the policy, double-click each of them.

Note: To implement the changes in the Policy, make the desired modifications, then click Apply and click OK.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 29


36. The updated Password Policy settings, are shown in the below screenshot.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 30


37. Switch to Administrator: Windows PowerShell, click to type gpresult /H C:\passwords-policy-settings.html and press Enter to generate the
report of password policy settings to update the configuration documentation.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 31


38. Navigate to C: drive to see if the passwords-policy-settings.html file exists.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 32


39. Now, double click the passwords-policy-settings.html file.

40. A browser window appears displaying the Group Policy Results file, as shown in the screenshot.
Note: If browser notification appears, click Ask me later.
IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 33


41. This file displays a detailed report on the implemented account policies. You can explore it further.

42. This concludes the demonstration of implementing access control policies in Windows machine.

43. Close all the opened windows.

44. Turn off the AD Domain Controller virtual machine.


IN WINDOWS
IMPLEMENT
EXERCISE 1:

CONTROLS

MACHINE
ACCESS

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 34


EXERCISE 2: MANAGE ACCESS CONTROLS IN LINUX MACHINE
Access control assists in maintaining the integrity, confidentiality, and availability of the information and resources.

LAB SCENARIO
A security professional must have the required knowledge to manage access control policies on a Linux machine. First, we will create local user
accounts and groups on a system. Then, we will create directories and files where access control policies will be implemented. Further, we will
configure the ownership to these directories and files.

OBJECTIVE
This lab demonstrates implementation of access controls in Linux machine.

OVERVIEW OF ACCESS CONTROL


The principles of access control describe the access permission levels of users in detail. By enabling the access control process, the security of
processes and resources can be ensured.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 35


Note: Here, for demonstration purposes, we are using Attacker Machine-1 to show the implementation of access control policies in Linux
machine.
Note: Ensure that PfSense Firewall virtual machine is running.

1. Turn on the Attacker Machine-1 virtual machine.


2. Click to select Bob account, in the Password field, type user@123 and press Enter to sign in.
3. First, we will create two sample users and two groups on this machine and configure the password of these the two users.
4. In the left pane, under the Activities list, click the Terminal icon to open the Terminal window
Note: If the Software Updater pop-up appears, click Remind Me Later.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 36


5. In the Terminal window, type sudo su and press Enter to run programs as the root user.

6. In the [sudo] password for bob field, type user@123 as a password and press Enter.
Note: The password typed by you will not be visible.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 37


7. Now, type useradd testuser01 and press Enter to create a new user.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 38


8. Type passwd testuser01 and press Enter to set password for the user (testuser01).

9. The New password field appears, type test@123 and Enter. In the Retype new password field, enter the same password (test@123) and press
Enter to set the password. Subsequently, a password updated successfully message appears, as shown in the screenshot.
Note: You can set any user password of your choice.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 39


10. Similarly, perform steps#7-9 to create another user account with username testuser02 and password test@123.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 40


11. Now, we shall create a new group. For this, type groupadd admin and press Enter.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 41


12. Similarly, create another group named team by issuing the command groupadd team.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 42


13. In the terminal window, type usermod -aG admin testuser01 and press Enter to add user testuser01 to the admin group.
Note: usermod command is used to modify the user object in order to add a user to the group.

14. Similarly, type usermod -aG team testuser02 and press Enter to add user testuser02 to the team group.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 43


15. Type id testuser01 and press Enter to verify that testuser01 has been added to the admin group.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 44


16. Similarly, type id testuser02 and press Enter to verify that testuser01 has been added to the team group.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 45


17. Now, we will create directories and files to demonstrate how the permissions are applied to them.
18. Execute the following commands to create three directories:

mkdir testdirectory

mkdir testdirectory/SecProjects

mkdir testdirectory/TeamProjects
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 46


19. Now, execute the following commands to create two files:

touch testdirectory/SecProjects/networkreport.txt

touch testdirectory/TeamProjects/workreport.txt
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 47


20. By default, the creator of directories or resources controls the access to them. Therefore, users and groups must be permitted to own the
directory content which allows them to configure permissions.

21. In the terminal window, type ls -ld testdirectory and press Enter to display the permissions of the testdirectory directory.

22. Here, root is the owner of the testdirectory, as shown in the screenshot.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 48


23. Now, we will execute the following commands to change the directory ownership to specific users and groups:
Note: The ‘R’ parameter allows you to change directory ownership recursively
chown -R testuser01:admin testdirectory/SecProjects
chown -R testuser02:team testdirectory/TeamProjects
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 49


24. Type ls -ld testdirectory/SecProjects and press Enter to display the users and groups associated with testdirectory/SecProjects.

25. Type ls -ld testdirectory/TeamProjects and press Enter to display the users and groups associated with testdirectory/TeamProjects.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 50


26. Now, we will configure permissions for the directory owners.

27. In the terminal window, type chmod u=rwx,g=rwx,o-r testdirectory/SecProjects and press Enter to set the following permission for
testuser01.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Note: Access Level Parameters: r: read a file or lit the content of a directory, w:
write to a file or directory, x: execute a file or recurse a directory tree.

Note: Reference Parameters: u: user (file owner), g: group (members of the file’s
group), o: others (users who are neither the file’s owner nor members of the file’s
group).

Note: Here, rwx: read, write and execute permissions are given to u(user) and
g(group), o-r: read permission has been removed for o (others).

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 51


28. In the terminal window, type chmod u=rwx,g=rwx,o=rx testdirectory/TeamProjects and press Enter to set the following permission for
user testuser02.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Note: Here, rwx: read, write and execute permissions are given to u(user) and
g(group), rx: Read and execute permissions are given to o(others).

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 52


29. Thus, we have created the user accounts along with the specified resource access policies, we will test them.

30. Click on the Add icon (+) present on top-left corner of the Terminal window to open another terminal.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 53


31. A new Terminal window appears, in another tab.

32. In this new Terminal window, type su testuser02 and press Enter.
Note: su stands for substitute user, it is used to execute commands with the privileges of another user account.

33. A Password field appears, type test@123 and press Enter.


Note: The password types by you will not be visible.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 54


34. In the terminal, type cd testdirectory/SecProjects and press Enter, to navigate to the SecProjects directory having with only Admin
privileges.

35. Type ls and press Enter to list the files present in the directory.

36. According to the permissions specified in step#26, it can be observed that testuser02 does not have access to the directory content of
testuser01. The testeruser02 is a normal user with limited access whereas testuser01 has admin level privileges.
MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 55


37. As described above, the root user can create multiple user accounts on the same machine with different level of access permissions,
thereby, preventing the system and resources from unauthorized access.

38. This concludes the demonstration of implementing access control policies in Linux machine.

39. Close all open windows.

40. Turn off the Attacker Machine-1 virtual machine.


MANAGE ACCESS

LINUX MACHINE
CONTROLS IN
EXERCISE 2:

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 56


EXERCISE 3: IMPLEMENT ROLE-BASED ACCESS CONTROL IN WINDOWS ADMIN
CENTER (WAC)
Windows Admin Center (WAC) provides a web console to perform administrative tasks and manage different machines within a network.

LAB SCENARIO
A security professional should be aware of the various tools and tricks available to manage servers and clients. WAC enables you to perform
administrative tasks on any client device (except mobile devices). It uses role-based access control (RBAC) to control the activity of users
connected to the server. WAC allows the management of system activity such as starting various services, adding and removing resources,
and controlling applications.

OBJECTIVE
This lab demonstrates how to install WAC and configure RBAC in WAC to restrict user activities.

OVERVIEW OF WAC
In WAC, RBAC provides limited access to users on the target computers. RBAC in WAC works by configuring every managed server with a
PowerShell Just-Enough Administration endpoint. The roles are defined by the endpoint. After connecting a restricted endpoint, a temporary
local administrator account is created for managing the machine. If the user is not managing the machine utilizing WAC, the temporary
account is automatically deleted.

WAC supports the following built-in roles.

Administrators: They allow users to use most WAC features without granting them access to Remote Desktop or PowerShell.

Readers: They allow users to view information and settings on the server, but not make changes.

Hyper-V Administrators: They allow users to make changes to the Hyper-V VMs and switches but limits other features to read-only access.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 57


Note: Ensure that PfSense Firewall virtual machine is running.
1. Turn on the Admin Machine-1 virtual machine.

2. Log in with the credentials Admin and admin@123.


Note: If the network screen appears, click Yes.

3. To install WAC, navigate to Z:\CCT-Tools\CCT Module 04 Identification, Authentication and Authorization\Windows Admin Center and
double-click WindowsAdminCenter1910.msi.

4. The installation starts. Check I accept these terms. Click Next to continue.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 58


5. The default option pertains to Microsoft updates. Click Next.

6. The Configure Gateway Endpoint window appears. Click Next to continue.

7. Leave the default settings for port and other options unchanged on the window. Click Install.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 59


8. WAC installation starts. If the User Account Control window appears, click yes.

9. Installation continues. Check Open Windows Admin Center. Click Finish to complete the installation.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 60


10. If a list of browser applications pops-up, select Microsoft Edge and click OK.

11. Wait for a few seconds. The Edge browser loads Windows Admin Center.

12. If a Select a certificate for authentication pop-up appears, select the certificate and click OK.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 61


13. The Windows Admin Center appears. By default, you can see that Admin Machine-1 is connected and listed under All Connections.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 62


14. Click on the +Add button to add the Webserver.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 63


15. The Add resources pane opens. Click Add under Windows Server.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 64


16. The Connection tags pane appears. Type Webserver in the Server name field. Wait for few seconds.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 65


17. Select the Use another account for this connection radio button and type the username Administrator and password admin@123. Click
Add with credentials.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 66


18. The Webserver is added to the Windows Admin Center.
Note: if a Save password pop-up appears, click Never.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 67


19. Click Webserver to connect the server.

20. The Windows Admin Center connects to Webserver and displays all tools under Server Manager.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 68


21. We have added Webserver to the Windows Admin Center. A security professional can now manage the Webserver through WAC.

22. Using RBAC option in WAC, a security professional can provide only limited access to a user of Web server machine. Here, we will assign
limited access to the already created user (john) in Web Server machine. To configure RBAC for user john, click Settings at the bottom of the
Tools pane on the left.

23. The Settings pane appears. Click Role-based Access Control.


ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 69


24. The Role-based access control page appears. Click the Apply button at the bottom of the page.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 70


25. The Restart the WinRM service? dialog appears. Click Yes to continue.

26. A notification (see the Notifications icon at the upper right corner) about scheduling the application of RBAC appears. It takes a maximum
of 10 minutes to start the RBAC service. Wait for 10 minutes, refresh the Webserver connection.

Note: If logged out, log in with the credentials for Webserver as given in Step#17.

Thus, we reconnected to the Webserver. Navigate to Tools → Settings. Click the Role-based Access Control option. You can see that the Role-
based access control status is Applied. Tonya-this
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 71


27. RBAC is now added to Webserver.

28. Next, assign a user to the role. Click Local users & groups in the Tools pane on the left.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 72


29. The Local users & groups pane appears. Select the user john under the Users tab.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 73


30. The Manage membership option is now visible. If it is not visible, click on More and select the Manage membership option.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 74


31. Click Manage membership to add membership for the user. The Manage membership pane now opens.

32. Scroll down the list that appears in the Manage Membership pane. In the list, uncheck Users, and check Windows Admin Center Readers.
These changes will allow John to view information and settings on the server, but not make changes by assigning the windows admin center
readers role. Click Save.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 75


33. A notification (see the Notifications icon) appears indicating that the membership for the user john has been updated successfully.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 76


34. Click Windows Admin Center from the top-left corner of the dashboard, to navigate to the Home page.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 77


35. Select Webserver and click the Manage as tab. If Manage as tab is not visible, click on More tab and select Manage as option.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 78


36. Specify your credentials once the pane opens. Change username to John and password to user@123. We will now log in as a user to
Webserver. In Windows Admin Center, click Continue.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 79


37. Wait for a few seconds; Webserver is loaded in WAC for the user john. It can be seen that the user john is selected under Managing as.
Click the Webserver link to connect.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 80


38. Because we have logged in as John in Windows Admin Center, Webserver is connected with limited access (shown at the upper left
corner as Webserver (Limited Access)).
Note: If you receive any error pop-up, ignore it.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 81


39. As a user of Webserver, you can try to add new storage to it. However, because we added the user john in RBAC and allowed limited
access permission only, the system will not allow user John to add new storage.

40. Click Storage in the Tools pane. Wait for a few seconds; the Storage pane appears on the right side of the window.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 82


41. Under the Disks menu on the Storage pane, click More and select the Create VHD option.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 83


42. The Create VHD pane opens. Type the following in the respective fields and click Submit.

• VHD folder path: c:\TestFolder


• New VHD file name: test
• File extension: vhd
• Size (GB): 1
• Virtual hard disk type: Fixed
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 84


43. The following error notification appears (See the Notifications icon): Couldn’t create the VHD. Error Exception: This operation was blocked
by role-based access control settings.
ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 85


44. As demonstrated, a security professional can use the WAC tool to manage system resources and permissions.

45. Close all open windows.

46. Turn off the Admin Machine-1 virtual machine.


ACCESS CONTROL

ADMIN CENTER
IN WINDOWS
ROLE-BASED
EXERCISE 3:
IMPLEMENT

(WAC)

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 86


EXERCISE 4: IMPLEMENT CENTRALIZED AUTHENTICATION MECHANISM
In centralized authentication, authorization for network access is ensured using a single centralized authorization unit.

LAB SCENARIO
A security professional should be aware of the various tools and tricks available to implement the centralized authentication mechanism. In this
exercise, we will convert the AD Domain Controller machine to an authentication server. All authentication attempts will be forwarded to this
machine. The machine PfSense will be converted to a client which will pass authentication attempts to the authentication server (AD Domain
Controller machine). Here, the RADIUS protocol is used which acts as an authentication protocol between server and client.

OBJECTIVE
This lab will demonstrate the implementation of centralized authentication.

OVERVIEW OF CENTRALIZED AUTHENTICATION


The need for centralized authentication arose when it became difficult to implement the authorization process individually for each resource.
It uses a central authorization database that allows or denies access to users and the access decision depends on the policies created by
centralized units. This enables an easy authorization process for users who access different platforms. Centralized authorization units are easy
to handle and have low costs. A single database provides access to all applications, thereby enabling effective security. A centralized database
also provides an easy and inexpensive method of adding, modifying, and deleting applications from the centralized unit.

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 87


Note: Ensure that PfSense Firewall virtual machine is running.

1. Turn on the AD Domain Controller virtual machine.

2. In the AD Domain Controller virtual machine, log in with the credentials CCT\Administrator and admin@123.
Note: If the network screen appears, click Yes.

3. Click Start icon at the left bottom corner of the Desktop and click Server Manager.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 88


4. The Server Manager window appears, click Tools and select Network Policy Server from the drop-down list.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 89


5. The Network Policy Server window appears. In the left pane, expand the RADIUS Clients and Servers node and select the RADIUS Clients
node. Now, right-click RADIUS Clients node and click New.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 90


6. The New RADIUS Client wizard appears, ensure that the Enable this RADIUS Client checkbox is selected. In the Friendly name field, type
pfsense.cct.com and in the Address (IP or DNS) field, type 10.10.1.1.

7. Now, select the Generate radio-button and click Generate to generate the Shared secret key.
Note: The shared secret key is a type of password key which is set on the RADIUS server (here, AD Domain Controller machine). This key value
must be configured on each RADIUS client (here, we will be using the pfSense Firewall machine). If a secret key presented by a RADIUS client
does not match with that of RADIUS server, then the request from the client is not accepted.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 91


8. Copy the Shared secret value and paste it in the notepad file.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 92


9. Minimize the Notepad file and in the New RADIUS Client wizard, click OK.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 93


10. Now, we will configure a network policy that allows users in the Admin-Support to authenticate themselves in the pfSense by using
unencrypted authentication.

11. In the Network Policy Server window, expand the Policies node and select Network Policies node. Right-click Network Policies and click
New.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 94


12. The New Network Policy window appears. In the Policy name field, type pfsense Authentication Appliance. Click Next.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 95


13. Next, the Specify Conditions wizard appears, click Add….
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 96


14. Under the Select condition section, select Windows Groups from the list of available options and click Add….
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 97


15. The Windows Groups wizard appears, click the Add Groups… button.

16. In the Select Group dialog box, type Admin in the Enter the object name to select field and click Check Names button.

17. The Admin_Support group appears, click OK.


AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 98


18. In the Windows Groups wizard, click OK.

19. In the Specify Conditions wizard, click Next.


AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 99


20. In the Specify Access Permission window, ensure that Access granted radio-button is selected, click Next.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 100


21. In the Configure Authentication Methods wizard, do not change default settings and click Next.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 101


22. In the Configure Constraints wizard, click Next.

23. In the Configure Settings wizard, click Add… button present under Attributes field.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 102


24. The Add Standard RADIUS Attribute window appears, select Class from the Attributes box and click Add….
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 103


25. The Attribute Information pop-up appears, type Admin-Support in the field and click OK.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 104


26. In the Add Standard RADIUS Attribute window, click Close.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 105


27. In the Configure Settings wizard, click Next.

28. In the Completing New Network Policy window, click Finish.


AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 106


29. Now, we will enter details regarding the RADIUS server in the PfSense Firewall machine to configure it as a RADIUS client. This allows the
AD Domain Controller machine to receive all authentication requests from the PfSense Firewall machine.

30. Open any web browser (here, Mozilla Firefox), enter the URL as http://10.10.1.1 and press Enter.
Note: If an Update available pop-up appears click Dismiss.

31. A Warning: Potential Security Risk Ahead alert appears, click Advanced… button and click Accept the Risk and Continue.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 107


32. The login page appears, enter Username and Password as admin and admin@123 respectively and click SIGN IN button.
Note: If the Save login credentials pop-up appears, click Don’t Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 108


33. The pfSense dashboard appears, navigate to System  User Manager.
Note: If you receive any error, then reload the page and perform step 33 again.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 109


34. Navigate to the Authentication Servers tab and click + Add button.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 110


35. In the Descriptive name, enter CCT AD DOMAIN. From the Type list, select RADIUS.
Note: By default, the MS-CHAPv2 protocol is selected under RADIUS Server Settings. MS-CHAPv2 is a password-based authentication protocol
that is used to authenticate servers and clients.

36. In the Hostname or IP address field, enter 10.10.1.19. In the Shared Secret field, paste the key value from the Notepad filed.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 111


37. Scroll-down and click Save button.
Note: If Save login credentials pop-up appears, click Don’t Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 112


38. Now, we shall configure role-based access permission to the Admin-Support group. As per the role of users only basic permissions will be
provided to ensure that they do not have access to advance system resources.

39. Navigate to the Groups tab, select the + Add button.


AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 113


40. In the Group name field, type Admin-Support, scroll-down and click Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 114


41. It can be viewed that Admin-Support group has been created, under the Actions column, click Edit group icon (pen icon).
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 115


42. Under Assigned Privileges section, click + Add button.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 116


43. Under Assigned Privileges, click to select WebCfg - Dashboard (all) scroll down, press Shift key from the keyboard and click WebCfg
- Status: UPnP Status. All the privileges from WebCfg - Dashboard (all) to WebCfg - Status: UPnP Status will be selected, as shown in the
screenshot.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 117


44. Scroll down and click Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 118


45. Navigate to the Settings tab, select CCT AD DOMAIN as an Authentication Server and click Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 119


46. Next, click ( ) icon from the top-right corner of the dashboard to logout from the account.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 120


47. Now, we will use non-administrative user account to sign into pfSense, the entered credentials will pass through the AD Domain Controller
machine and if the user account is present in the group, it will be granted access.

48. In the login page, enter Username and Password as john and user@123 respectively and click SIGN IN button.
Note: When, you login to the pfSense platform as a RADIUS client, the user credentials are passed to the RADIUS server (here, the AD Domain
Controller machine) for verification and if the credentials match and user account is present in the Admin-Support group, then the user will
be granted access to the platform.
Note: If a Save login credentials pop-up appears, click Don’t Save.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 121


49. You will be logged into the pfsense platform with basic privileges.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 122


50. Now, we will try to login into the pfsense platform, using a user account that is not a member of Admin-Support group.

51. Click ( ) icon from the top-right corner of the dashboard to logout from the account.

52. In the login page, enter Username and Password as bob/user@123 respectively and click SIGN IN button.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 123


53. This user will not be able to login subsequently, a Username or Password incorrect notification appears, as shown in the screenshot.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 124


54. This concludes the demonstration of implementing the centralized authentication mechanism using the AD Domain Controller as a
RADIUS server and pfSense device as a RADIUS client.

55. Close all open windows.

56. Turn off AD Domain Controller and PfSense Firewall virtual machines.
AUTHENTICATION
CENTRALIZED

MECHANISM
EXERCISE 4:
IMPLEMENT

Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 125


Copyrights @ 2022 EC-Council International Ltd. Certified Cybersecurity Technician 126

You might also like