Is3340

In: Computers and Technology

Submitted By asligh
Words 2606
Pages 11
Introduction
Course: IS3340 Week: 1 Lab: Using NTFS to Secure Files and Folders Assignment
In this lab you will use NTFS and share permissions to control access to files and folders.

Story
You're part of the IT support team in the New York office of a nationwide travel services company called USA Travel. You have three other offices in Dallas, San Francisco, and Chicago. All the offices have a separate Windows 2003 Active Directory domain. The domain for the New York office, the root domain for the organization, is named usatravel.com. One afternoon you receive a call from Larry Drake, one of the two sales supervisors in your office. He and the other sales supervisor, Marta Vasquez, both have new Windows XP Professional computers, and they've created a few folders structures on both computers to hold important files. They'd like you to come to their desks and set whatever permissions you need to make sure their sales employees have the different levels of access they'll need to the folders. He then proceeds to give you the following information. There are two sales teams. The first team, led by Larry himself, has two members: Cindy Williamson and Lew Ferrell. The second team, led by Marta Vasquez, also has two members: Tammy Dobson and Juanita Dawson. The Sales department also has an administrative assistant named Markie Chung. The network administrator for your office created three security groups (which you later find out are domain local groups) for the Sales department. SalesAdmin has four members: Larry Drake, Marta Vasquez, Markie Chung, and the Administrator account. Sales1 (Larry's direct reports) has two members: Cindy Williamson and Lew Ferrell. Sales2 (Marta's direct reports) also has two members: Tammy Dobson and Juanita Dawson. On Larry's computer, PRO21, he has created two different folder hierarchies. The first parent folder is named Accounts1.…...

Similar Documents

Lab3

...56 Lab #3 | Configure BitLocker and Windows Encryption LAB #3 – ASSESSMENT WORKSHEET Configure BitLocker and Windows Encryption Course Name and Number: IS3340 Windows Security Student Name: Daniel Longo Instructor Name: Dakrouni Lab Due Date: 10/4/2013 Overview In this lab, you used the Microsoft® Encrypting File System (EFS) to encrypt files and folders on a Windows Server 2008 machine. You documented the success or failure of your encryption efforts. You also installed Microsoft® BitLocker Drive Encryption, a data protection feature that is used to resist data theft and the risk of exposure from lost, stolen, or decommissioned computers. You encrypted a data drive on the server and created a recovery key. Lab Assessment Questions & Answers 1. Within a Microsoft® Windows 2008 server R2 environment, who has access rights to the EFS features and functions in the server? 2. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords? 38542_Lab03_Pass2.indd 56 3/2/13 10:01 AM Assessment Worksheet 3. What was the recover key created by BitLocker in this lab? 57 4. BitLocker secured drives. How would you grant additional users access rights to your EFS encrypted folders and data files? 5. What are the main differences between EFS and BitLocker? 6. The customer privacy data policy in your company’s data classification standard requires encryption......

Words: 279 - Pages: 2

Life

...IS3340 Windows Security Unit 1 Assignment 1: Adding Active Directory 1. Currently, system administrators create Ken 7 users in each computer where users need access. In the Active Directory, where will system administrators create Ken 7 users? Open Active Directory Users and Computers. In the console tree, right-click the folder in which you want to add a user account. Point to New, and then click User. In First name, type the user's first name. In Initials, type the user's initials. In Last name, type the user's last name. Modify Full name to add initials or reverse order of first and last names. 2. How will the procedures for making changes to the user accounts, such as password changes, be different in the Active Directory? In User logon name, type the user logon name, click the UPN suffix in the drop-down list, and then click Next. In Password and Confirm password, type the user's password, and then select the appropriate password options. 3. What action should administrators take for the existing workgroup user accounts after converting to the Active Directory? Create new user accounts for all users. Then you need to manually join these computers to the AD domain. 4. How will the administrators resolve the differences between the user accounts defined on the different computers? In other words, if user accounts have different settings on different computers, how will the Active Directory address that issue? Administrators can manually......

Words: 295 - Pages: 2

Is3340 Final Exam

...IS416 Securing Windows Platforms and Applications FINAL EXAMINATION 1. Scope This exam covers all Units and is based on the content from the textbook. 2. Answer Key |Question Number |Correct Answer |Course Objective(s)|Reference | | | |Tested | | |1. |c |1.1 |Security Strategies in Windows Platforms and Applications, Pages 22–23 | |2. |b |1.2 |Security Strategies in Windows Platforms and Applications, Page 27 | |3. |d |1.3 |Security Strategies in Windows Platforms and Applications, Page 31 | |4. |c |1.4 |Security Strategies in Windows Platforms and Applications, Page 32 | |5. |a |1.5 |Security Strategies in Windows Platforms and Applications, Page 32 | |6. |c |2.1 |Security Strategies in Windows Platforms and Applications, Page 42 | |7. |a |2.2 |Security Strategies in Windows Platforms and Applications, Page 44 | |8. ...

Words: 2305 - Pages: 10

Is3340 Week 4

...KAMRAN JAN WK4 Assignment 1 Security policy statements: 1. Previous attempts to protect user accounts have resulted in users writing long passwords down and placing them near their workstations. Users should not write down passwords or create passwords that attackers could easily guess. Require all personnel attend a lunch and learn session on updated security policies. 2. Every user, regardless of role, must have at least one unique user account. A user who operates in multiple roles may have multiple unique user accounts. Users should use the account for its intended role only. Create a set of new user accounts with administrator privileges and disable all ‘administrator’ user accounts. 3. Anonymous users of Ken 7 Web application should only be able to access servers located in the demilitarized zone (DMZ). No anonymous Web application users should be able to access any protected resources in the Ken 7 infrastructure Place a firewall between your Web server and your internal network. . 4. To protect servers from attack, each server should authenticate connections based on the source computer and user. Implement Kerberos authentication for all internal servers. 5. Passwords should not be words found in the dictionary. Enforce password complexity. 1. The ERP software vendor reports that some customers have experienced denial-of-service (DoS) attacks from computers sending large volumes of packets to mail servers on the......

Words: 344 - Pages: 2

Movies

...IS3340 —Windows Security E-mail: E-mail: VShafer@itt-tech.edu Cell Phone#: 865-236-1869 Title: Analyzing Windows Application Software for Security Vulnerabilities Learning Objective ▪ Design techniques to protect given Windows application software from security vulnerabilities. Key Concepts ▪ Vulnerabilities to Microsoft server and client applications ▪ Strategies for securing Microsoft server and client applications ▪ Procedures for securing Microsoft applications Class/Content Outline: 5:00pm – 5:50pm Theory 7 (50 min.) 1. Roll / Lesson Plan / Handouts 2. Review/ Discuss Unit 8 ~ ▪ Chapter 12 “Microsoft Application Security”; pp. 271-296 3. In Class IS3340.U8.GA1 ~ Unit 8 Assignment 1: Policy for Securing Windows Environment ▪ You will select from the list of security controls that best addresses to each given ERP vulnerabilities. (*Note: You will refer to the Unit 1 case scenario IS3340.U1.TS3.doc for the Ken 7 Windows Limited details.) We will discuss the correct answers in class 6:00pm – 7:40pm Lab 1 (100 min.) 4. Lab 8 ~ Apply Security Hardening on Windows Microsoft Server & Microsoft Client Applications; pp. 68-73 8:00pm – 9:40pm Theory 7 (100 min.) & 9:50pm – 10:45pm Theory 7 (55 min.) 5. IS3340.U8.GA2 ~ Unit 8 Assignment 2: Best Procedures to Secure Windows Applications ▪ To complete IS3340.U8.GA2.doc ~ You will write a Windows application policy and define its procedure......

Words: 630 - Pages: 3

Is3340 Unit 1

...Unit 1 Assignment1: Adding Active Directory Robert Hanke ITT Tech IS3340 Windows Security Dr. Joseph Martinez 3/27/14 Unit 1 Assignment1: Adding Active Directory Currently, system administrators create Ken 7 users in each computer where users need access. In the Active Directory, the system admins will create Organizational Groups (OU). These OU’s can then can have restriction or Group Policy Objects (GPOs) put in to place that will restrict what a user can and can’t access. An organizational unit is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority. Using organizational units, you can create containers within a domain that represent the hierarchical, logical structures within your organization. You can then manage the configuration and use of accounts and resources based on your organizational model (techNet, 2005). With the users assigned to group accounts or OU’s, you can use to assign a set of permissions and rights to multiple users simultaneously, along with making any changes that are needed to individual users. Computer accounts provide a means for authenticating and auditing computer access to the network and to domain resources. Each computer account must be unique. Once the conversion has taken place, the local users on the client computer will not be affected during domain join. They can still logon on the local machine. Meanwhile, on domain controllers, during the Active Directory Installation...

Words: 430 - Pages: 2

Unit 2 Assignment 1

...IS3340-WINDOWS SECURITY | Recommendations for Access Controls | Unit 2 Assignment 1 | | [Type the author name] | 4/3/2014 | | Access Control is the defined as “the selective restriction of access to a place or other resource”, in the RFC 4949. “The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.” Simply put the ability to read, write, modify, or deleting information or files is what Access Control is. It is more than this, in the permissions (authorization) granted to each Security Group or Individual User. The permissions mentioned in the previous paragraph are rights that a user is allowed to access, create, modify, or delete the file(s) inside a file folder, or objects. These are all permissions (authorizations) controlled by the Authorized Windows Security Personnel of the file structure. We will list some examples of how this outlined and what the impact would be, but first understand that requirements for the permissions is controlled from the Group Level, other than by Individual User, because it is easier to control from a security standpoint when you want to modify these abilities. There are four folders created (D:\ERPdocuments, D:\ERPdocuments\HRfiles, D:\ERPdocuments\SFfiles, D:\ERPdocuments\MGRfiles) which we want to allow specific permissions for certain functions (tasks). For example; by modifying the permissions under the specific user account for HRmanager to include...

Words: 436 - Pages: 2

Lab 2 Assessment Worksheet

...IS3340-WINDOWS SECURITY | Lab #2 | Assessment Worksheet | | [Type the author name] | 4/3/2014 | | 1. What is the Principle of Least Privilege? Providing only the necessary access required to carry out a task. 2. What does DACL stands for and what does it mean? Discretionary Access Control List is the list of access control rules (ACL’s). 3. Why would you add permissions to a group instead of the individual? Management of the permissions (add/remove) is easier to do from the Group Level, other than Individual User and is quicker. 4. Why would you allow shared access to groups instead of to everyone? By allowing access by Groups it is easier to manage – all users have to be part of a Group in order to be created. 5. List at least 3 different types of access control permissions you can enable for a file. Read, (permits viewing or accessing of the file's contents) Write (permits adding to the file) Modify (permits reading and writing of the file and allows deletion of the file) 6. Which access control permissions allow you to delete files and/or folders? Modify is the access control permission allowing the user to delete files and/or folders. 7. What is the lowest level permission needed in order to view the contents of a folder? Read 8. If you don’t remember the syntax when using iCacls.exe what command do you type in to see the options? icacls.exe (the command with no arguments) 9. What other tool......

Words: 331 - Pages: 2

It Computer

.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security. Instructor name. Francisco Morales .... Don't assume there is only one correct answer to a question. § Don't be afraid to share your ... Is3340 windows security answers - free ebook downloads www.freebookez.com/is3340-windows-security-answers/ Is3340......

Words: 287 - Pages: 2

Is3340 Lab 1

...Lab 1 Worksheet 1. Active Directory and the configuration of access controls achieve C-I-A for folders and data because it controls who can access certain files and folders. This keeps the data confidential since only authorized users can access the files as well as keeping the integrity of the data as it is not able to be modified by unauthorized users. It also meets the accessibility requirements of C-I-A since the authorized users are able to access the resource through proper configuration of the Active Directory Domain Services. 2. It is not a good practice to include the user name in the password since authentication protocols may only transmit the password in cipher text but the user name as plain text, this makes it easy to intercept a user name and if that user name is part of the password, it makes it that much easier to break. 3. Password length and complexity requirements will ensure users are forced to have strong passwords to their accounts and password length and history will ensure the passwords are changed in reasonable increments of time as well as not being able to use the same password when a password change is required. 4. No, a user outside of the domain cannot access a shared drive within a domain. 5. Yes, a prompt requesting login credentials will appear when attempting to access a shared drive. 6. By default, the guests group has the least amount of implied privileges within the Active Directory structure. 7. Implementing controls...

Words: 407 - Pages: 2

Active Directory

...IS3340: Week 1 Assignment 1: Adding Active Directory Bob Johnson IS3340: Windows Security 11/02/2014 Arthur Salmon When evaluating the current set up for all of the PCs that we have at Ken 7 Windows and the purchase of a new enterprise resource planning (ERP) software package, I would definitely recommend that we use Active Directory (AD). There are several reasons to use AD. I will give a few reasons why we should use AD. My first reason is that with the purchase of the new servers we have a wider area to protect. With this being that, we have purchased several new servers that need to be more secure and restrict access to the key people or groups of people that need access to pertinent information. Secondly, by doing this we can activate a more secure password criteria. Making passwords of no less than eight characters long and they must contain a capital letter, a number, and a special character. These passwords will be set to renew anywhere from 30 – 90 days. The most common setting for this feature is 90 days. A notification will sent to the user 14 days prior to the password’s expiration and prompt the user to change their password. Thirdly, special access tokens will be used to insure the identity of the user. A smart card will be in place. This smart card slips into a slot and read a magnetic strip, a microchip that is imbedded into the card, or a by a bar code on the back of the card. Using the bar code will be the less expensive route to take.......

Words: 469 - Pages: 2

Is3340 Unit 6 Assignment 1

... IS3340 Unit 6 Assignment 1 1. How much data has been modified between the last backup and the time of failure? No data should have been lost since nothing was change since the last backup and the backup would have been completed before the error occurred. 2. What images are necessary to recover the workstation? The images that are necessary would be the reimaging image along with the latest back up image available. 3. What are the steps necessary to fix the problem that cause the data loss? Verify what caused the loss by reading the logs. Determine the fix for the issue. Reimage the computer. Restore the computer to last backup state and disable the issue that caused the data loss. 4. What steps should Ken 7 take to avoid a reoccurrence of this issue in the future? Read the logs to find out what caused the issue that caused the data lose.   Right a procedure guide to prevent the issue from occurring. Alert users of the occurrence of the issue and the way to prevent the issue. (Soloman, 2001) Procedure Guide: 1. Read logs to decide what cause the issue to occur. 2. Re-Image the computer to default configuration. 3. Restore to first available backup of the system. Restore Process: 1. Right-click on your Computer desktop icon (or click Start and right-click on the Computer tab on the right pane of the menu). 2. Click on Properties. 3. Locate the System protection tab in the System Properties menu. 4. Select the hard disk that......

Words: 393 - Pages: 2

Is3340

...IS3340 Final Questions Marvin Ruff 08/11/14 1. Which windows encryption options do you enable using object properties dialog? 2. What protocol encrypts data? 3. Which element in a pki infrastructure authorizes a client to request a certificate? 4. What entity issues and validates digital certificates? 5. What type of malware is a self-contained program? 6. What antivirus feature protects computers from infected emails? 7. How often should anti malware check for updates? 8. What part of an operating systems provides essential services? 9. What is the process of proving that identity credentials are valid and correct? 10. The ability to run a backup is an example of which windows feature? 11. What is the best reason to define security groups while configuring access right for users in a network? 12. What is the best reason to use AD? 13. How often should you scan computers for malware? 14. What can you do to stay malware free? 15. Where are local GPO settings stored? 16. Which container should you link to a gpo to apply a gpo to apply the GPO to a logical group of sites? 17. What tools shows the affect applying GPS will have for a specific user? 18. The MBSA does not scan what? 19. What scanner helps to extend the MBSA? 20. What the principal of least privilege? 21. What process would a user use to enter a token generated password? 22. What is windows to us to store access control......

Words: 288 - Pages: 2

Is3340

...Unit 1 Assignment 1: Adding Active Directory IS3340 Windows Security 1. Currently, System Administrators create Ken 7 users in each computer where users need access. In the Active Directory, where will system administrators create Ken 7 Users? A. First what you do is you open Active Directory Users and Computers. In the console tree, right-click the folder in which you want to add a user account. Point to New, and then click User. In First name, type the user's first name. In Initials, type the user's initials. In Last name, type the user's last name. Modify Full name to add initials or reverse order of first and last names. That will also create a login name and also later in the process you can create the password and the restrictions. 2. How will the procedures for making changes to the user accounts, such as password changes, be different in the active directory? A. In User login name, type the username, click the name then in the drop-down list, and then click next. In Password and Confirm password, type the user's password, and then select the appropriate password options. 3. What action should administrators take for the existing workgroup user accounts after converting to active directory? A. The action that administrators should do is create new user accounts for all users. Then they need to manually join these computers to the active directory domain. 4. How will the administrators resolve the difference between the users accounts defined on the......

Words: 375 - Pages: 2

Is3340 Unit 4 Assignment 1

...Identifying Types of Malware Infection 1) You notice that your computer is getting slower each day. You have terminated unneeded programs, disabled unneeded services, and have recently defragmented the disks. Your computer has plenty of memory but it still seems slow. Since it only started getting slow within the last two weeks, you suspect a malware attack. You have carefully examined each of the programs running but there are no unusual programs. However, you do notice that there is substantial disk activity, even when no programs are running that should be using the disk. What kind of malware do you think is present in your computer? Rootkit and likely another type of malware – Closing all programs and still seeing disk usage would suggest that a rootkit has installed and is actively hiding the actual program running. The rootkit would hide the program while a virus or worm is likely behind the scenes wreaking havoc. 2) You download a new program to display the current weather on your desktop. Since you installed the weather application you noticed a lot of network activity and your computer is getting slow. When you terminate the weather application your computer speeds up. What kind of malware do you think is present in your computer? Trojan Horse – Acting as a useful program, it actually infects and runs amuck inside of the pc and network. 3) Within a week after ordering a new widescreen television (TV) from an online retailer, you start getting many......

Words: 407 - Pages: 2

Sort Ascending | Cat's Eye | Feliz Dia De Tu Muerte HDTV-Screener