mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 06:54:57 +03:00
mukul975
38 lines
1.4 KiB
Markdown
38 lines
1.4 KiB
Markdown
# Duo MFA Deployment Checklist
|
|
|
|
## Duo Admin Panel Configuration
|
|
- [ ] Admin account secured with hardware security key
|
|
- [ ] Admin API credentials generated and stored securely
|
|
- [ ] AD Sync configured for user provisioning
|
|
- [ ] User groups created (Standard, Privileged, Contractors)
|
|
|
|
## Authentication Policy Matrix
|
|
| Group | Push | Verified Push | WebAuthn | TOTP | SMS | Phone | Remember |
|
|
|-------|------|---------------|----------|------|-----|-------|----------|
|
|
| Standard | Yes | No | Optional | Yes | No | No | 7 days |
|
|
| Privileged | No | Yes | Yes | Backup | No | No | None |
|
|
| Contractors | Yes | No | No | Yes | No | No | None |
|
|
|
|
## Integration Points
|
|
| System | Integration Method | Status |
|
|
|--------|--------------------|--------|
|
|
| VPN (Cisco ASA) | RADIUS via Auth Proxy | [ ] |
|
|
| VPN (Palo Alto) | RADIUS via Auth Proxy | [ ] |
|
|
| Windows RDP | Duo for Windows Logon | [ ] |
|
|
| Linux SSH | Duo Unix (PAM) | [ ] |
|
|
| Web Apps (SAML) | Duo SSO | [ ] |
|
|
| Office 365 | Duo + Azure AD | [ ] |
|
|
|
|
## Device Health Policy
|
|
- [ ] Require disk encryption
|
|
- [ ] Minimum OS version: Windows 10 22H2 / macOS 13 / iOS 16 / Android 12
|
|
- [ ] Require firewall enabled
|
|
- [ ] Block jailbroken/rooted devices
|
|
- [ ] Require screen lock
|
|
|
|
## Emergency Procedures
|
|
- [ ] Bypass code generation procedure documented
|
|
- [ ] Failmode configuration documented per integration
|
|
- [ ] Emergency contact list for Duo outage
|
|
- [ ] Alternative authentication path tested
|