Kerberos authentication protocol in Windows domains

Understand, configure, troubleshoot, secure and monitor Kerberos authentication protocol in Windows domains.

The course will introduce you to Microsoft implementation of Kerberos authentication protocol and its benefits, terminology, concepts, and service infrastructure. It will then explain how Kerberos works through detail and step-by-step examination of the ticketing system and communication messages in various configurations using flow diagrams and network traffic analyzer to get better understanding of the processes under the hood. Understanding how Kerberos works will help you troubleshoot complex problems and reduce stress.

What you’ll learn

  • Learn Kerberos terminology and concepts..
  • Understand how Kerberos authentication works..
  • Configure Kerberos authentication in a secure way for multi-tier applications..
  • Resolve Kerberos authentication problems using Network Monitor and analytical thinking..
  • Secure and monitor Kerberos infrastructure and communications..

Course Content

  • Introduction –> 10 lectures • 17min.
  • How Kerberos works –> 6 lectures • 26min.
  • Kerberos configuration –> 8 lectures • 29min.
  • User impersonation and Kerberos delegation –> 12 lectures • 39min.
  • Troubleshooting Kerberos issues –> 13 lectures • 34min.
  • Kerberos security –> 10 lectures • 28min.
  • Monitor Kerberos –> 1 lecture • 5min.
  • Conclusion and thank you –> 1 lecture • 1min.

Kerberos authentication protocol in Windows domains

Requirements

  • This is expert level course with focus on Kerberos infrastructure and authentication..
  • You should have experience with Windows server infrastructure and Active Directory..
  • Good knowledge of communication protocols and security standards is required..
  • Knowledge of Microsoft IIS, SQL Server and Exchange Server will help a lot..

The course will introduce you to Microsoft implementation of Kerberos authentication protocol and its benefits, terminology, concepts, and service infrastructure. It will then explain how Kerberos works through detail and step-by-step examination of the ticketing system and communication messages in various configurations using flow diagrams and network traffic analyzer to get better understanding of the processes under the hood. Understanding how Kerberos works will help you troubleshoot complex problems and reduce stress.

 

We will walk through the configuration of the most common Microsoft applications such as IIS, SQL, Exchange, and file servers, including multi-hop setups and mid-tier service integration, discuss impersonation, review delegation options, and see why some of these options are not so secure. We will also learn how to Kerberize non-Windows services so they can benefit from Kerberos security and convenience of SSO.

 

Then we will dive into troubleshooting issues, go through a checklist so we don’t miss most common misconfigurations and we will look into specific troubleshooting examples. We will also examine Kerberos vulnerabilities and the most common attacks, such as Kerberoasting and Golden and Silver Tickets and talk about how to prevent and detect compromise. Finally, we will look into relevant monitoring and alerting options and learn how to use these for detecting malicious activity.