MFA Hardening Workshop: Mastery
RCCE students will learn multi-factor authentication technologies, deployment strategies, and attack resistance including TOTP, FIDO2/WebAuthn, push notifications, hardware tokens, and biometric authentication. RCCE students will learn to evaluate MFA methods by security strength and usability, deploy MFA across enterprise applications and remote access systems, configure MFA policies in identity providers, detect and respond to MFA bypass techniques including SIM swapping, MFA fatigue attacks, adversary-in-the-middle phishing, and real-time phishing proxies. The course covers MFA enrollment management, recovery procedures, and migration strategies from weaker to stronger authentication factors. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. Building on core knowledge, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing MFA Hardening Workshop: Mastery
- Execute hands-on tasks for advanced cyber defense mastery
- Execute hands-on tasks for orgs still lack phishing-resistant mfa — covering MFA is the single highest-ROI identity control.
- Execute hands-on tasks for core definitions: authentication factors
- Execute hands-on tasks for security assessment
- Execute hands-on tasks for mfa method: totp (time-based one-time password) — covering How TOTP Works.
- Execute hands-on tasks for alert soc on repeated push denials (>2 in 10 minutes)
- Execute hands-on tasks for hardware tokens & biometric authentication
- Execute hands-on tasks for hardware security keys
- Execute hands-on tasks for biometric: fingerprint/face — covering Smart Cards (PIV/CAC).
- Execute hands-on tasks for push notification
- Execute hands-on tasks for push + number match
- Design a scalable privilege management architecture with policy and enforcement
| Module 01 | Advanced Cyber Defense Mastery |
| Module 02 | Orgs still lack phishing-resistant MFA |
| Module 03 | Core Definitions: Authentication Factors |
| Module 04 | Security Assessment |
| Module 05 | MFA Method: TOTP (Time-Based One-Time Password) |
| Module 06 | Alert SOC on repeated push denials (>2 in 10 minutes) |
| Module 07 | Hardware Tokens & Biometric Authentication |
| Module 08 | Hardware Security Keys |
| Module 09 | Biometric: Fingerprint/Face |
| Module 10 | Push Notification |
| Module 11 | Push + Number Match |
| Module 12 | Enterprise MFA Architecture Design |
| Module 13 | User Endpoints |
| Module 14 | Identity Provider (IdP) |
All hands-on labs run on Rocheston Rose X OS. Students practice mfa hardening workshop: mastery by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for advanced cyber defense mastery
- Lab 2: Execute hands-on tasks for orgs still lack phishing-resistant mfa
- Lab 3: Execute hands-on tasks for core definitions: authentication factors
- Lab 4: Execute hands-on tasks for security assessment
- Lab 5: Execute hands-on tasks for mfa method: totp (time-based one-time password)
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for MFA Hardening Workshop: Mastery, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI