IS4680 Week 1 Lab Executive Summary

Submitted By mell041263
Lab #2: Executive Summary
Windows hardening defense starts with the basics. Log in with the least amount of privileges. Always use a firewall and AV. Monitor channels for security advisories and alerts. Know your system(s). Patch early and patch often; unpatched systems are the lowest of low-hanging fruit. Have a patch policy documented and stick with it. Review patches as they are released and determine criticality based on the exploit, the threat footprint for your system(s), and whether or not there is a POC or fully weaponized exploit in the wild. When possible, test patches before rolling them out in production on servers. Most clients should have automatic updates enabled for the OS and any application listening on a socket or used with untrusted data (Java, Adobe, browsers, etc.). Servers should be updated during maintenance windows if possible, depending on criticality (of threat and server).
A Security Technical Implementation Guide (STIG) is a compendium of DOD policies, security regulations and best practices for securing an IA or IA-enabled device (operating system, network, application software, etc.): a guide for information security. STIGs are mandated in DODD 8500.1 and DODI 8500.2 and endorsed by CJCSI 6510.01, AR 25-2, and AFI 33-202. The goals of a STIG are to provide intrusion avoidance, intrusion detection, security implementation guidance, and response and recovery.
DISA STIGs offer configuration guides and checklists for databases, operating systems, web servers, etc. They also provide standard “findings” and impact ratings: CAT I, CAT II, CAT III. First draft November 2006; first release July 2008. There are 129 requirements covering program management, design and development, software configuration management, testing and deployment. The ASD STIG applies to “all DoD developed, architected, and administered applications and systems connected to DoD networks”, essentially anything plugged into DoD. Requirements can be extremely broad: APP3510: The Designer will ensure the application validates all user input. APP3540: The Designer will ensure the application is not vulnerable to SQL Injection. Requirements can be extremely specific: APP3390: The Designer will ensure users accounts are locked after three consecutive unsuccessful logon attempts within one hour. Requirements can be esoteric: APP3150: The Designer will ensure the application uses FIPS 140-2 validated cryptographic modules to implement encryption, key exchange, digital signature, and hash functionality. Requirements can be expensive: APP2120: The Program Manager will ensure developers are provided with training on secure design and coding practices on at least an annual basis.
Exploiting known vulnerabilities: with pentest apps (Nessus, Metasploit, etc.) it is very easy to discover whether a server is vulnerable. SNMP hacking can reveal server uptime (for Windows it is OID 1.3.6.1.2.1.1.3.0); critical always-on systems may not have been rebooted for months or years. It is easy to back-date in a vulnerability database, see which patches require a reboot, and know for certain that they aren’t properly applied. If you have an account on the server you can use “net statistics server” or “net statistics workstation” to determine uptime.
Security Compliance Manager is the framework used for stripping, hardening, and compliance purposes. Use it to make a gold/master image for mass distribution or for individual stand-alone machines. Explicit guides are defined for hardening the registry and other file system settings, with templates for OS, roles, features, and applications. With System Center 2012 you can apply industry-standard compliance templates for PCI, FISMA, ISO, HIPAA, etc. The STIGs and NSA Guides are the configuration standards for DOD IA and IA-enabled devices/systems. STIGs are lists of all controls and what their values must be in order to be compliant. Migration to NIST’s SCAP (Security Content Automation Protocol) to automate compliance monitoring is in process, and newer auditing tools have SCAP integration already in place. The DISA FSO Gold Disk was used for automated auditing of older systems (W2k8R1 and Vista are the last supported).
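The uptime reasoning above (sysUpTime over SNMP, or the "net statistics" output) can be run as a patch-audit check on your own hosts. The following is an added example, not part of the original essay: it derives the last boot time and lists reboot-requiring patches released after it. The patch IDs, dates, sample output, the "Statistics since" line and the en-US date format are constructed assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

TICKS_PER_SECOND = 100      # SNMP TimeTicks count hundredths of a second
TIMETICKS_WRAP = 2 ** 32    # 32-bit counter: wraps after roughly 497 days


@dataclass(frozen=True)
class Patch:
    patch_id: str           # constructed placeholder, not a real KB number
    released: datetime
    requires_reboot: bool


def boot_time_from_sysuptime(ticks: int, polled_at: datetime) -> datetime:
    """Latest possible boot time implied by a sysUpTime reading.

    The counter wraps, so the real boot may be one or more wrap periods
    earlier. An earlier boot only adds patches to the pending list, so the
    result of patches_awaiting_reboot() is a lower bound.
    """
    if not 0 <= ticks < TIMETICKS_WRAP:
        raise ValueError("sysUpTime must fit in unsigned 32-bit TimeTicks")
    return polled_at - timedelta(seconds=ticks / TICKS_PER_SECOND)


def boot_time_from_net_statistics(output: str, tz=timezone.utc) -> datetime:
    """Parse the 'Statistics since ...' line of 'net statistics workstation'.

    Assumes en-US formatting (M/D/YYYY h:mm:ss AM/PM); the host's time zone
    has to be supplied by the caller because the output does not carry it.
    """
    match = re.search(r"^Statistics since\s+(.+?)\s*$", output, re.MULTILINE)
    if match is None:
        raise ValueError("no 'Statistics since' line found")
    stamp = datetime.strptime(match.group(1), "%m/%d/%Y %I:%M:%S %p")
    return stamp.replace(tzinfo=tz)


def patches_awaiting_reboot(boot_time: datetime, patches) -> list:
    """Reboot-requiring patches released after the last boot.

    Even if they were installed, they cannot be in effect yet. Patches
    released before the boot are not proven applied; this check is silent
    about them.
    """
    pending = [p for p in patches
               if p.requires_reboot and p.released > boot_time]
    return sorted(pending, key=lambda p: p.released)


# --- constructed sample data ---
UTC = timezone.utc
POLLED_AT = datetime(2024, 6, 1, 12, 0, tzinfo=UTC)
SAMPLE_TICKS = 90 * 86400 * TICKS_PER_SECOND   # agent reports 90 days up
SAMPLE_NET_STATS = (
    "Workstation Statistics for \\\\HOST01\r\n"
    "\r\n"
    "Statistics since 3/3/2024 12:00:00 PM\r\n"
)
SAMPLE_PATCHES = [
    Patch("PATCH-A", datetime(2024, 2, 13, tzinfo=UTC), True),
    Patch("PATCH-B", datetime(2024, 4, 9, tzinfo=UTC), True),
    Patch("PATCH-C", datetime(2024, 5, 14, tzinfo=UTC), False),
    Patch("PATCH-D", datetime(2024, 5, 14, tzinfo=UTC), True),
]

if __name__ == "__main__":
    boot = boot_time_from_sysuptime(SAMPLE_TICKS, POLLED_AT)
    print("last boot no later than:", boot.isoformat())
    for patch in patches_awaiting_reboot(boot, SAMPLE_PATCHES):
        print("not in effect until reboot:", patch.patch_id)
```

Feed it the reboot-required flag and release date from your own patch inventory; a host whose list is non-empty is overdue for a maintenance window.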
Citations: http://www.disa.mil/ and http://iase.disa.mil/stigs/index.html#…...
