
Topic 021: Security Concepts 021.1 Goals, Roles and Actors 021.1 Lesson 1 021.2 Risk Assessment and Management 021.2 Lesson 1 021.3 Ethical Behavior 021.3 Lesson 1 Topic 022: Encryption 022.1 Cryptography and Public Key Infrastructure 022.1 Lesson 1 022.1 Lesson 2 022.2 Web Encryption 022.2 Lesson 1 022.3 Email Encryption 022.3 Lesson 1 022.4 Data Storage Encryption 022.4 Lesson 1 Topic 023: Device and Storage Security 023.1 Hardware Security 023.1 Lesson 1 023.2 Application Security 023.2 Lesson 1 023.3 Malware 023.3 Lesson 1 023.4 Data Availability 023.4 Lesson 1 Topic 024: Network and Service Security 024.1 Networks, Network Services and the Internet 024.1 Lesson 1 024.1 Lesson 2 024.2 Network and Internet Security 024.2 Lesson 1 024.3 Network Encryption and Anonymity 024.3 Lesson 1 024.3 Lesson 2 Topic 025: Identity and Privacy 025.1 Identity and Authentication 025.1 Lesson 1 025.2 Information Confidentiality and Secure Communication 025.2 Lesson 1 025.3 Privacy Protection 025.3 Lesson 1 How to get certified Topic 025: Identity and Privacy 025.1 Identity and Authentication 025.1 Identity and Authentication Reference to LPI objectives Security Essentials version 1.0, Exam 020, Objective 025.1 Weight 3 Key knowledge areas Understanding of the concepts of digital identities. Understanding of the concepts of authentication, authorization, and accounting Understanding of the characteristics of secure password (e.g. length, special characters, change frequencies, complexity) Using a password manager Understanding of the concepts of security questions and account recovery tools Understanding of the concepts of multi-factor authentication (MFA), including common factors Understanding of the concepts of single sign-on (SSO) and social media logins Understanding of the role of email accounts for IT security Understanding of how passwords are stored in online services Understanding of common attacks against passwords Monitoring personal accounts for password leaks (e.g. search engine alerts for usernames and password leak checkers) Understanding of the security aspects of online banking and credit cards Partial list of the used files, terms and utilities Online and offline password managers keepass2 Single sign-on (SSO) Two-factor authentication (2FA) and multi-factor authentication (MFA) One-time passwords (OTP), time-based one-time passwords (TOTP) Authenticator applications Password hashing and salting Brute force attacks, directory attacks, rainbow table attacks Linux Professional Insitute Inc. All rights reserved. Visit the Learning Materials website: https://learning.lpi.org This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License. Next Lesson 025.1 Lesson 1 Proceed to first lesson

025.1 Identity and Authentication

Reference to LPI objectives

Security Essentials version 1.0, Exam 020, Objective 025.1

Weight

Key knowledge areas

Understanding of the concepts of digital identities.
Understanding of the concepts of authentication, authorization, and accounting
Understanding of the characteristics of secure password (e.g. length, special characters, change frequencies, complexity)
Using a password manager
Understanding of the concepts of security questions and account recovery tools
Understanding of the concepts of multi-factor authentication (MFA), including common factors
Understanding of the concepts of single sign-on (SSO) and social media logins
Understanding of the role of email accounts for IT security
Understanding of how passwords are stored in online services
Understanding of common attacks against passwords
Monitoring personal accounts for password leaks (e.g. search engine alerts for usernames and password leak checkers)
Understanding of the security aspects of online banking and credit cards

Partial list of the used files, terms and utilities

Online and offline password managers
keepass2
Single sign-on (SSO)
Two-factor authentication (2FA) and multi-factor authentication (MFA)
One-time passwords (OTP), time-based one-time passwords (TOTP)
Authenticator applications
Password hashing and salting
Brute force attacks, directory attacks, rainbow table attacks