Lab 4 Doc.

In: Computers and Technology

Submitted By bviabus89
Words 326
Pages 2
Lab #4 – Assessment Worksheet
Configure Group Policy Objects and Microsoft Baseline Security Analyzer (MBSA)
Course Name & Number: NT2580
Student Name: Bryan Villa
Instructor Name: Mr. Kravitz
Lab Due Date: May 17, 2013
Lab #3 Assessment Questions & Answers 1. Define why change control management is relevant to security operations in an organization? Allows for testing and documentation of changes before they sent to management for review and implementation. 2. What type of access control system uses security labels?
Logical/MAC
3. Describe two options you would enable in a Window’s Domain password policy?
-Password must meet requirements
-30 minute lockout after 3 failed attempts to get login correct 4. Where would patch management and software updates fail under security operations management? They must ensure the patches and updates don’t affect other programs or even leave weak spots in a systems security. 5. Is there a setting in your GPO to specify how many login attempts will lockout an account? Name 2 parameters that you can set to enhance the access control to the system. Yes a. Password must meet the requirements b. Minimum password length 6. What are some Password Policy parameters that you can define for GPOs that can enhance the C-I-A for system access? c. Enforce password history d. Minimum password age e. Maximum password age f. Password must meet complexity requirements

7. What sources could you use as a source to perform the MBSA security state?
Windows Server 2008 R2, Windows 7, Server 2003 8. What does WSUS stands for, and what does it do? Windows Server Update Services. It provides updates and patches for Microsoft programs. 9. What is the difference between MBSA and Microsoft Update? MBSA scans for missing updates and possible vulnerabilities, while…...

Similar Documents

Lab 4

...1. Define why change control management is relevant to security operations in an organization? It allows having the ability to manage what users have can and can’t do in the 2. What type of access control system uses security labels? LBAC Label-base access control 3. Describe two options you would enable in a Window’s Domain password policy? Uppercase letters along with lowercase and numbers 0-9 4. Where would patch management and software updates fall under in security operations and management? The SA or other authorized personnel are responsible for informing local administrators about patches that correspond to software packages included on the organizational software inventory. 5. Is there a setting in your GPO to specify how many login attempts will lockout an account? Name 2 parameters that you can set to enhance the access control to the system. You can augment the default access privileges for an access level. When you configure a user account, you can give the account one of three privilege levels: full access, port-configuration access, and read-only access. 6. What are some password policy parameter options you can define for the GPO’s that can enhance the C-I-A for system access? A good password policy should require passwords to be at least some specified number of characters long. It should also require that all passwords contain at least one letter and one number and a special character. One other rule to implement would be......

Words: 414 - Pages: 2

Lab 4

...1. What are the five steps of a hacking attack. Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks 2. During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive os fingerprinting. It sends commands to the platform-specific nmap executable and pipes the output back. Zenmap uses Profiles which are basically nmap parameter presets to specify how scans are performed. 3. What step in the hacking attack process uses Zenmap GUI? System Hacking 4. What step in the hacking attack process identifies known vulnerabilities and exploits? Enumeration 5. During the scanning step of the hacking attack process, you identified known software vulnerabilities in a Windows XP Professional Workstation. List the name and number of the critical Microsoft vulnerabilities identified. What is vulnerability ''MSO8-067"? MS08-067: Vulnerability in Server service could allow remote code execution. 6. Which tool and application were used to exploit the identified vulnerability on the targeted Microsoft 2003 XP SP2 Workstation? Microsoft Server Service Relative Path Stack Corruption and Metasploit 7. If you were a member of a security penetration testing team, and you identified vulnerabilities and exploits, should you obtain written permission from the owners prior to compromising and exploiting the known vulnerability? Yes. 8. What does the tool Ettercap do? Ettercap is a free and open source network security......

Words: 342 - Pages: 2

Netw410 Week 4 Lab

...NETW410 Week 4 Lab Joseph Lymas NETW410, Afzal 8/3/2013 Lab 4: Connecting Point A to Point B 1. How should an Internet connection be made for the current campus? Why did you select this option over the others? AT&T is the carrier providing service to the existing campus as well as the new campus. Examine the offerings for Internet access to select the one that should be used. The internet connection should be made through DSL connection with Category 5 CM-rated UTP cable for the current campus because this will increase security ant reliability. 2. How should the existing and new campus locations be connected to each other? The should be connected to each other by a 2.4GHz 802.11b open wireless network whose access points are mounted on overhead light poles outside of each building. 3. Should the two locations share an Internet connection? Yes 4. Compare the advantages, disadvantages, and cost of fiber optic cable, 5 GHz wireless bridges, and free space optics as a means to interconnect the campus buildings to the IT wing of the Administration Building. Fiber optic cable, 5 GHz wireless bridges are an inexpensive and reliable way to interconnect the campus buildings to the IT wing of the Administration Building 5. What would be required to interconnect the existing campus and the new campus to each other using fiber optic cable laid within the hiking trail right of way? A single IP addressing scheme for the entire campus and a open wireless network...

Words: 352 - Pages: 2

Lab 4

...In this lab, you explored all five phases of hacking using Zenmap GUI for Nmap, Nessus®, BackTrack4, and the Metasploit Framework application. Lab Assessment Questions & Answers 1. What are the five steps of a hacking attack? Footprinting- acquiring information about target Scanning - use acquired information from footprinting to gain more detailed information Enumeration- Extracting more-detailed and useful information System hacking- attack a system using a method that deems useful Covering Tracks – Covering tracks to avoid detection 2. During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive OS fingerprinting. sends commands to the platform-specific nmap executable and pipes the output back 3. What step in the hacking attack process uses Zenmap GUI? System Hacking 4. What step in the hacking attack process identifies known vulnerabilities and exploits? enumeration 5. During the scanning step of the hacking attack process, you identified known software vulnerabilities in a Windows XP Professional Workstation. List the name and number of the critical Microsoft® vulnerabilities identified. What is vulnerability “MS08-067”? MS08-067: Vulnerability in Server service could allow remote code execution. 6. Which tool and application were used to exploit the identified vulnerability on the targeted Microsoft® Windows 2003 XP server? Microsoft Server Service Relative Path Stack Corruption and Metasploit 7. If......

Words: 357 - Pages: 2

Lab 4

...1. The five steps to a hacking attack is reconnaissance, scanning, gaining access, maintaining access and covering tracks. 2. During the reconnaissance step Zenmap GUI performs the task of fingerprinting and port scanning. It sends commands to the platform-specific nmap executable and pipes the output back. The process monitors and captures network traffic. The traffic is analyzed to determine which operating system is used. 3. Zenmap GUI is used during the scanning process. 4. Vulnerabilities and exploits are identified in the enumeration step of the hacking process. 5. The software vulnerability that was found was ms-08-067 and this vulnerability makes the remote host vulnerable to a buffer overrun in the Server service that may allow an attacker to execute arbitrary code on the remote host with the System privileges 6. The tools used to exploit the identified know software vulnerabilities on the targeted Windows XP professional workstation were the Microsoft Server Service Relative Path Stack Corruption and Metasploit. 7. When you are a member of a security penetration testing team. You should obtain written permission from an owner prior to compromising and exploiting the know vulnerabilities. 8. Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN. It can be used for computer network protocol analysis and security auditing. It is capable of intercepting traffic on a network segment, capturing passwords...

Words: 281 - Pages: 2

Lab 4

...Willie Harris ------------------------------------------------- is3230 lab 4.2 Implement Organizational-Wide Network and WLAN Access Controls 1. Each time you open a port or allow a program to communicate through a firewall, your computer becomes a bit less secure. The more allowed programs or open ports your firewall has, the more opportunities there are for hackers or malicious software to use one of those openings to spread a worm, access your files, or use your computer to spread malicious software to othersEach time you open a port or allow a program to communicate through a firewall, your computer becomes a bit less secure. The more allowed programs or open ports your firewall has, the more opportunities there are for hackers or malicious software to use one of those openings to spread a worm, access your files, or use your computer to spread malicious software to others. 2. 2. By going to start -> control Panel -> Select firewall there it gives you the options that are on Windows Firewall. 3. First if you’re sitting in a coffee shop and decide you want to check your Facebook page and your email to kill some time. You scan the available networks and see one that’s open and unsecured. You connect and start surfing. Coffee and free WiFi, what could be better, right? Wrong! A hacker is also fond of coffee shops and he is located within range of the router you connected to. He’s waiting for one or more people to connect to the network so he can start......

Words: 628 - Pages: 3

Lab 4

...that describe this failure? Local Security Policy Account Lockout Policy - Duration The IT department is implementing an account lockout policy that will keep a user’s account locked for 15 minutes during a hacker’s attack. Your assignment is to create an account lockout policy that will release the user’s account after being locked for 15 minutes. Account Lockout Policy – Reset Counter Create an account lockout policy that will allow the counter to be reset after 15 minutes of inactivity. Account Lockout Policy - Threshold In order to prevent a hacker from gaining access to your network, you decide to implement an account lockout policy. Create an account lockout policy that will lock a user’s account after 4 failed logon attempts. Audit Policy You suspect that someone has been attempting to hack into your computer at night, so you decide to create an audit of all logon attempts. Without creating a group policy, set up an audit that will record both successful and unsuccessful logon attempts. Password Policy - Complexity Create a password policy that forces users to use upper case letters, lower case letters, numbers, and/or symbols in their passwords. Password Policy - History Create a password policy that does not allow a user to reuse his/her last 3 passwords. Password Policy – Maximum Age Create a password policy that requires a user to change his/her password every 60 days. Password Policy –......

Words: 6123 - Pages: 25

Lab 4

...Sandra Guzman 01/22/2015 Lab 4 Deliverables Note: Screenshots will be provided at the end. Q: From your local computer, use your favorite Internet browser to research the threat identified on this screen and the possible remediation steps and document your findings in your Lab Report file. Viruses found: 1. Win32/DH{eR4UTxVzG3U} 2. Win32/DH{eR4UTxVzG3U} 3. Win32/DH{HhMXFE8Vcxt1} 4. Trojan horse Dropper.Generic4.BVMA 5. Trojan horse Hider.BNG 6. Trojan horse PSW.Generic11.NYJ 7. Potentially harmful program Logger.IAC 8. Potentially harmful program RemoteAdmin.IH 9. Potentially harmful program Tool.IT Assessment: 1. It seems that the first three are all the same type of virus. A “Win/DH is a malicious software that once it is executed has the capability of replicating itself and infect other files and programs”( Win/DH). They “can steal hard disk space and memory that slows down or completely halts your PC, corrupt or delete data, erase your hard drive, steal personal information, hijack your screen and spam your contacts to spread itself to other users” (Win/DH). To avoid the possibility of one, you should be careful of e-mail attachments especially if they are from an outside source, as well as download links on websites. Having a virus removing application such as AVG is essential to being able to remove these viruses before they spread. AVG is capable of detecting this virus while surfing the web and...

Words: 1494 - Pages: 6

Lab 4: Enzymes

...INSTRUCTIONS: • On your own and without assistance, complete this Lab 4 Answer Sheet electronically and submit it via the Assignments Folder by the date listed in the Course Schedule (under Syllabus). • To conduct your laboratory exercises, use the Laboratory Manual located under Course Content. Read the introduction and the directions for each exercise/experiment carefully before completing the exercises/experiments and answering the questions. • Save your Lab 4 Answer Sheet in the following format: LastName_Lab4 (e.g., Smith_Lab4). • You should submit your document as a Word (.doc or .docx) or Rich Text Format (.rtf) file for best compatibility. Pre-Lab Questions 1. How could you test to see if an enzyme was completely saturated during an experiment? 2. List three conditions that would alter the activity of an enzyme. Be specific with your explanation. 3. Take a look around your house and identify household products that work by means of an enzyme. Name the products, and indicate how you know they work with an enzyme. Experiment 1: Enzymes in Food This experiment tests for the presence of amylase in food by using Iodine-Potassium Iodide, IKI. IKI is a color indicator used to detect starch. This indicator turns dark purple or black in color when in the presence of starch. Therefore, if the IKI solution turns to a dark purple or black color during the experiment, one can determine that amylase is not present (because presence of amylase would break......

Words: 1945 - Pages: 8

Lab 4

...NT1210 Lab 4.1 : Copper Cabling Exercise 4.1.1 Stability, consistency, and minimization of packet errors. Exercise 4.1.2 The power requirements to send data is much lower than the requirements to transfer electricity. Exercise 4.1.3 Protection from power frequency, radio frequency interference, reducing errors generated. Exercise 4.1.4 CategoryMaximum SpeedApplication 11MbpsVOICE ONLY( TELEPHONE WIRES) 24MbpsLOCAL TALK & TELEPHONE 316Mbps10 BASE T ETHERNET 420MbpsTOKEN RING 5100/1000100 BASE T ETHERNET/GIGABIT ETHERNET 5E1Gbps/1000mbpsGIGABIT ETHERNET 610GbpsGIGABIT ETHERNET/IP TELPHONY 6E10GbpsGAGBIT ETHERNET/HIG END WORK STATION Exercise 4.1.5 Exercise 4.1.6 Coaxial cable conducts electrical signal using an inner conductor (usually a solid copper, stranded copper or copper plated steel wire) surrounded by an insulating layer and all enclosed by a shield, typically one to four layers of woven metallic braid and metallic tape. The cable is protected by an outer insulating jacket. Normally, the shield is kept at ground potential and a voltage is applied to the center conductor to carry electrical signals. Exercise 4.1.7 The distance limit is 100m for UTP cabling.  It is very important that you know exactly how to wire UTP cables. Cabling is the base of a solid network, and doing it correctly the first time will help you avoid hours of frustration and troubleshooting. On the other hand, if you are dealing with a poorly cabled network,......

Words: 611 - Pages: 3

Lab 4

...Leando Henderson Jr NT1210 Lab Exercise 4.1.1 On page 107 the book explains that standards exist for the NIC and the cabling so that all networks and equipment would match up if not then you might buy a computer and it not fit your cabling on your network or vice versa. These standards exist so that all equipment would match up and networks could be simplified. Exercise 4.1.3 Shielded copper cable is currently best known for POE equipment. Security systems, Microphones, and other high end audio cables would be my best examples for a clear visual. This super expensive cabling is used for these types of applications because the shielding help to prevent the Electro Magnetic Interference to be more specific on a security system this shielding and braiding eliminates the false alarms that would occur if not for the shielding. Exercise 4.1.10 Multimeter : The purpose of a multimeter is to measure how much voltage or electrical signal that is currently being transmitted thru a cable or medium. A basic tool for any electrician or IT personnel Tone Generator: This equipment generates audio pulses to components. In the case of audio equipment testing, frequency response and sound evaluation are recorded. Pair Scanner: A Pair Scanner is used to find faults on cabling in a network. Time domain reflector (TDR): Used to locate faults in metallic cables (for example, twisted pair wire or coaxial cable). It can also be used to locate discontinuities in a connector,......

Words: 320 - Pages: 2

Biology Lab 4 Umuc

...Your Full Name: UMUC Biology 102/103 Lab 4: Enzymes INSTRUCTIONS: * On your own and without assistance, complete this Lab 4 Answer Sheet electronically and submit it via the Assignments Folder by the date listed in the Course Schedule (under Syllabus). * To conduct your laboratory exercises, use the Laboratory Manual located under Course Content. Read the introduction and the directions for each exercise/experiment carefully before completing the exercises/experiments and answering the questions. * Save your Lab 4 Answer Sheet in the following format: LastName_Lab4 (e.g., Smith_Lab4). * You should submit your document as a Word (.doc or .docx) or Rich Text Format (.rtf) file for best compatibility. Pre-Lab Questions 1. How could you test to see if an enzyme was completely saturated during an experiment? - Add more substrate and record the rate. If the rate of the reaction is constant, all the enzymes are saturated. 2. List three conditions that would alter the activity of an enzyme. Be specific with your explanation. * Temperature – Cold temperature will cause the enzyme to work slow, hot temperature will cause the enzyme to increase the movement making it less stable. * PH – Difference in range in the PH scale can alter the shape of the enzyme’s active site * Concentration Of Substrate – Less or more of enzymes to substrates ratio will affect the rate of collisions between the two affecting the number of reactions. ...

Words: 1006 - Pages: 5

Lab 4

...Lab 4 Daniel Torres NT1410 Mr. Kay 1/28/2016 Virtual Lab Tour The first difference I did take notice was the entirely different look that it brought up. With Windows 10, we have the start menu, which in my case, is a reason I love Windows and its OS. Ubuntu doesn’t have one, but it is still manageable. The office applications it comes with is pre-installed and works just as fine as it would with Windows. Spreadsheets to Word, it is all in there with no hassle. The office suite that really makes the difference in both configurations is the look and feel. With icons being changed and a different feel about it. The windows landscape of it changing the closing current window bugs me because it is on the left rather than the normal right I am used to. Although Ubuntu office software is limited and only most used applications for that suite would be used on everyday uses, it doesn’t compare to that of Windows 10. The dash home environment from Ubuntu brings up limited content that you would use immediately, but not the essentials in Windows 10. I would like to implement the Start Menu to Ubuntu as many users in the Windows 8 community did not like the fact that Microsoft took the number one feature out. The installation of Ubuntu differed on the fact that it took quite some time to install and the student next to me had a problem himself though. It sent him into terminal rather than the GUI interface of the desktop. I had no issues on my part, other than......

Words: 278 - Pages: 2

Itt Lab 7 Lab Doc

...© Jones & Bartlett Learning, LLC. NOT FOR SALE OR DISTRIBUTION Lab #7 - Assessment Worksheet Using Encryption to Enhance Confidentiality and Integrity Course Name and Number: _____________________________________________________ john schenberger Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you learned how cryptography tools can be used to ensure message and file transfer integrity and how encryption can be used to maximize confidentiality. You used Kleopatra, the certificate management component of GPG4Win, to generate both a public and private key as both a sender and a receiver. You used the sender’s keys to encrypt a file, sent it to the receiver, and decrypted it using the receiver’s copy of the keys. Lab Assessment Questions & Answers 1. If you and another person want to encrypt messages, should you provide that person with your public key, private key, or both? The public key is the only key that I will share with another person as part of the handshake in order of the encryption take place. 2. What does Kleopatra allow you to do once it is installed? Kleopatra allow you to encrypted messages, files and text with a private key. 3. What key type was used to create the certificate on Kleopatra? What other types of encryption key......

Words: 285 - Pages: 2

Lab 4

...Lab 1 – Introduction to Science Exercise 1: The Scientific Method Dissolved oxygen is oxygen that is trapped in a fluid, such as water. Since many living organisms require oxygen to survive, it is a necessary component of water systems such as streams, lakes, and rivers in order to support aquatic life. The dissolved oxygen is measured in units of parts per million (ppm). Examine the data in Table 4 showing the amount of dissolved oxygen present and the number of fish observed in the body of water the sample was taken from and then answer the questions below. QUESTIONS 1. Make an observation – Based on the data in Table 4, describe the relationship between dissolved oxygen content and fish populations in the body of water. Discuss the pattern observed in the data set. Answer = as the Dissolved Oxygen goes up the greater the survival rate is for the fishes. The pattern for the Dissolved Oxygen goes up by two’s and the number of fish has a unique pattern when matched with the dissolved oxygen. Pattern (2, 4 ppm)…..the fishes decrease by one. (6, 8 ppm)……the fishes increase by 4 (10, 12 ppm)…the fishes increase by 3 (14, 16 ppm)….the fishes decreases by 4 18 ppm…..the fishes decreases by 5 2. Do background research – Utilizing at least one scholarly source, describe how variations in dissolved oxygen content in a body of water can affect fish populations. Answer = According to research the dissolved...

Words: 888 - Pages: 4

Henry Fonda | Garry Cadenat | Télécharger