HARDENING & SECURITY
Lab 1 Assessment Questions and Answers
1. Relate how Window Server 2008 R2 Active Directory and the configuration of access
controls achieve C-I-A for departmental folder, and data.
You must create security prin
Discuss common forms of attack on Microsoft systems.
The four basic types of attacks are: Access, Modification, Denial of Service, and Repudiation.
Attacks can come from many places, electronic, physical, or human. Electronic attacks may
come from the ext
5. Discuss tools and techniques for removing Malware using the text Internet, and/or your job as
reference for full credit
A specific component of the Anti-virus and anti-malware software commonly referred as
the on-access or real-time scanne
Discuss the role of encryption in ensuring confidentiality.
Confidentiality, integrity, and availability (CIA) is a model designed to guide policies for
information security within an organization. In this context, confidentiality is a set of rules that
Week 6 Lab & Assessment
Part 4 Assessment
1. What is the difference between roles and features in Windows Server
Roles are predefined set of services, programs, and configuration
settings that enables a computer to fulfill specific req
Lab 8 and Assessment Questions
Lab Assessment Questions & Answers
1. What are the steps you took to harden IIS?
Set up the NTFS drive for the IIS application and data, NTFS
permissions, developers, IUSER, logging and system and admin.
The most commonly deployed system in a business organization is a workstation. Different
workgroups within that organization would be configured to their own needs, with their own
applications and settings. The images for those workstations should remain
Hardening Microsoft clients and servers is best achieved through business-centric security
practices. IT services must work closely with business units in organizations to identify not only
the most critical components of the IT landscape, but the critica
Any system is vulnerable to infection. Even an air gapped systems like the Natanz
enrichment plant in Iran, was infected by the Stuxnet virus. Open Sourced operating systems are
vulnerable, but patches and updates are more often quickly generated and appl
An Access Control List (ACL) is essentially a script of rules that filter networked traffic
across the edge of a Local Area Network (LAN) as it interfaces with a Wide Area Network
(WAN), or the Internet. The most common mistake is that this filt
Week 5 Lab and Assessment
I could not transfer this to my desktop for some reason.
Lab Assessment Questions & Answers
1. Is using the option to Store passwords using reversible encryption a good
security practice? Why or why not?
Group Policy enables Active Directory based changes and configurations of users and computer
settings on Windows OS platforms and servers. On servers it additionally aids in operational and
security settings. Group Policy settings are all stored in Group
Encryption provides fundamental strengths to both confidentiality and integrity in the CIA
security policy model. Confidentiality is improved by adding extra means of authentication to
access data by means of credentials or encryption keys. Bot
Week 7 Lab and Assessment Questions
1. What is SCW and how is it used?
Its a utility tool that creates policies based on the least privilege
principle for server rolls that have been selected during install
As with Access Control Lists (ACLs), the policy of least privilege is based on the concept
of deny all, and only allow access as needed to carry out day to day tasks. It is meant to be
extremely restrictive and falls under the Common Criteria for Informat
Access Controls Criteria
Allow members of the Shopfloor users and
Access Control Requirement
the SFManager to modify, read and execute
files in C:\LabDocuments\SFfiles.
Allow HumanResources users and the
HRManager to modify, read and execute
The benefits at my work for using active directory is very simple we have sales representatives
that we don't want in or information for lab and testing just as much as we don't need to be in
there part of saved files for all of sales customers. So we hav
The concepts behind least privilege is to make sure the users that need access to certain files or
programs have them whenever they need them, as well as denying them from things or information they
do not need to see. In my work place we have sales group
AMERICAN PUBLIC UNIVERSITY
ISSC342 Elliot Lynn
Upgrading and securing your network of over 250,000 employees in the five different
countries, also having the several different version of operating systems running. Now you wan
In today's market there is thousands of Anti-Virus and Anti-Malware software people can use
also can be referred to as a real time scan on the computer. I would think the most common used in the
windows world would be Windows Defender. These program links
There is so many different functions that Microsoft Windows offers for security I will tray and cover as
much as them that I can or at least some of the features I use at work. One for sure is creating
different user accounts and even different groups for
Upgrading and securing your network of over 250,000
employees in the five different countries, also having the several
different version of operating systems running. Now you want to
The lab that really helped me understand a whole new aspect to the security aspect of computers was
lab assignment 2 "Using Access Control Lists to Modify File System Permissions on Windows System".
This is because I had very little knowledge of this reso
1. Was the student able to relate how a data classification standard will dictate whether certain
folders and files need encryption while residing on hard drives within the workstation domain?
2. Was the student able to identify requirements for Microsoft
The three tools I currently use for work and home to backup and restore are windows system
restore, backup all my file and photos on a external drive, and finally restore with windows startup
disk. Now each of these will help for different situations depe
Now at my company we dont really have a CSIRT per say but we have it as there is only two people who
get called when something goes wrong. My direct supervisor and myself our constantly called for any
issue relating computers or the networking no matter w
Upgrading and securing your network of over 250,000 employees in the five different countries,
also having the several different version of operating systems running. Now you want to make th
You are a Security professional hired by NextGard Technologies in Phoenix, AZ to provide a Windows
security implementation model for their organization. NextGard specializes in network consulting
services for US companies and they want to upgrade and secu
Week 4 Lab
The first 2 are the same and the 3rd one is detected and removed the same way.
1. What is the one thing that a virus, a worm, spyware, and malicious code
have in common?
What are the differences among these th
By Mark Fitzgerald
PROTECTING SMALL BUSINESS
These days security is imperative to protect any kind of data that can be accessed over
the internet. If you dont have the right set up for your operation hackers and/or
attackers will find a wa
Protecting Small Business Windows Systems Outline
a. Current in place protection.
b. Possible outcome of current protection
c. Implement new protection
a. Current in place protection details
b. Update protection deta
BitLocker and BitLocker To Go
BitLocker and BitLocker To Go is designed to protect data by providing encryption for entire
volumes when the loss and or theft of storage media is a concern. They both require a
professional or Enterprise edition of Windows
1. Step 1: Enter Safe Mode. Keep your PC disconnected from the Internet, and don't use it
until you're ready to clean your PC. .
2. Step 2: Delete Temporary Files. Now that you're in Safe Mode, you'll want to run a virus
3. Step 3: Download Malwar