Iss 3350 Lab 2 Assessment

Submitted By joelmbryant
Words 368
Pages 2
Joel M. Bryant, Sr.
IS 3350 Windows Security

Assessment Worksheet #2

1. What is the Principle of Least Privilege?

In information security, computer science, and other fields, the principle of least privilege requires that in a particular abstraction layer of a computing environment, every module must be able to access only the information and resources that are necessary for its legitimate purpose.

2. What does DACL stand for and what does it mean?

DACL stands for Discretionary Access Control List. Discretionary access control lists (DACLs, but often shortened to ACLs) form the primary means by which authorization is determined. An ACL is conceptually a list of pairs, although they are significantly richer than that.

3. Why would you add permissions to a group instead of the individual?

To grant hierarchical access to teams or groups such as company departments or development teams.

4. Why would you allow shared access to groups instead of to everyone?

Allowing shared access to groups rather than to everyone limits access to only those added to that group. This helps keep the information secured to only those who need access.

5. List at least 3 different types of access control permissions you can enable for a file.

read, write, execute

6. Which access control permissions allow you to delete files and/or folders?

modify and full control

7. What is the lowest level permission needed in order to view the contents of a folder?

read

8. If you don't remember the syntax when using iCacls.exe what command do you type in to see the options?

Type icacls.exe /? at a command prompt

9. What other tool could you use to modify the privileges of the files or folders of a shared drive?


You can use…...
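
Questions 2 to 7 describe a DACL as a list of entries and name the permissions that allow reading and deleting. The Python model below is an added example, not part of the original worksheet: it evaluates a DACL in stored order, with the first matching deny winning and an implicit deny at the end. The users, groups and the `access_check`, `canonical` and `demo` helpers are constructed for illustration, and the model leaves out inheritance, owner rights and privileges.

```python
from dataclasses import dataclass

# File/folder access-mask bits (Windows SDK values).
# On a folder, FILE_READ_DATA means "list folder contents".
FILE_READ_DATA, FILE_WRITE_DATA, FILE_APPEND_DATA = 0x1, 0x2, 0x4
FILE_READ_EA, FILE_WRITE_EA, FILE_EXECUTE = 0x8, 0x10, 0x20
FILE_DELETE_CHILD, FILE_READ_ATTRIBUTES, FILE_WRITE_ATTRIBUTES = 0x40, 0x80, 0x100
DELETE, READ_CONTROL, WRITE_DAC, WRITE_OWNER, SYNCHRONIZE = (
    0x10000, 0x20000, 0x40000, 0x80000, 0x100000)

# Permission bundles, composed as in .NET's FileSystemRights enumeration.
READ = FILE_READ_DATA | FILE_READ_EA | FILE_READ_ATTRIBUTES | READ_CONTROL
WRITE = FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES
READ_EXECUTE = READ | FILE_EXECUTE
MODIFY = READ_EXECUTE | WRITE | DELETE
FULL_CONTROL = MODIFY | FILE_DELETE_CHILD | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE


@dataclass(frozen=True)
class Ace:
    allow: bool    # True = access-allowed ACE, False = access-denied ACE
    trustee: str   # user or group name (a real ACE stores a SID)
    mask: int      # access-mask bits the ACE allows or denies


def access_check(dacl, token, desired):
    """Simplified model of the DACL walk. `token` is the set holding the
    user's own name and every group the user belongs to."""
    if dacl is None:                 # NULL DACL: no protection, all access
        return True
    remaining = desired
    for ace in dacl:                 # ACEs are evaluated in stored order
        if ace.trustee not in token:
            continue
        if not ace.allow:
            if ace.mask & remaining: # a still-needed bit is denied
                return False
        else:
            remaining &= ~ace.mask   # these bits are now granted
            if remaining == 0:
                return True
    return remaining == 0            # bits never granted: implicit deny


def canonical(dacl):
    """Put deny ACEs before allow ACEs, keeping relative order otherwise."""
    return sorted(dacl, key=lambda ace: ace.allow)


def demo():
    # Constructed principals and groups, not taken from the worksheet.
    alice = {"alice", "Finance"}
    bob = {"bob", "Finance", "Interns"}
    carol = {"carol"}
    dacl = [Ace(False, "Interns", DELETE), Ace(True, "Finance", MODIFY)]
    misordered = list(reversed(dacl))          # allow ACE stored first
    open_dacl = [Ace(True, "Everyone", READ)]  # the broad grant question 4 warns about
    return {
        "alice_delete": access_check(dacl, alice, DELETE),
        "alice_change_acl": access_check(dacl, alice, WRITE_DAC),
        "bob_read": access_check(dacl, bob, READ),
        "bob_delete": access_check(dacl, bob, DELETE),
        "carol_read": access_check(dacl, carol, READ),
        "carol_read_everyone": access_check(open_dacl, carol | {"Everyone"}, READ),
        "bob_delete_misordered": access_check(misordered, bob, DELETE),
        "bob_delete_reordered": access_check(canonical(misordered), bob, DELETE),
        "null_dacl": access_check(None, carol, FULL_CONTROL),
        "empty_dacl": access_check([], alice, READ),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:24} {'ALLOW' if allowed else 'DENY'}")
```

Storing the allow entry ahead of the deny entry lets the group member in `Interns` delete, which is why tools write DACLs with deny entries first.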
