Free
Challenge: MFA ... All Day Every Day
National Cybersecurity Awareness Month has several themes, one of which is Multi-Factor Authentication (MFA). This MFA challenge will have you analyze a log and identify the potential MFA attack. The goal is to review suspicious requests and identify how MFA can be attacked in real-world use cases.
1
H
0
M
Time
beginner
difficulty
1
ceu/cpe
Course Content
No items found.
Course Description
MFA from an DFIR view!
> In this [NCAM](https://www.cisa.gov/cybersecurity-awareness-month) challenge, you will analyze a web server log reviewing an MFA attempt. This challenge aims to look beyond the basics of MFA being a recommendation and critically examine why proper implementation is also essential. We all know that MFA is an excellent security control, but let’s see why it is vital to implement it correctly!1.) How is the application verifying the user? 2.) What is the value the user is submitting? 3.) How could a user capture this information? 4.) What is the bypass being used?
![CySeeker Peculiar](//images.ctfassets.net/kvf8rpi09wgk/qbEzmd4efRzpA1lBEW8vZ/9fb4bc97f855861107cfa48daf666920/CySeeker_Peculiar.png)