Configure Group Policy Objects and Microsoft Baseling Security Analyzer

In: Computers and Technology

Submitted By mrsuds63
Words 265
Pages 2
Assessment Worksheet

65

LAB #4 – ASSESSMENT WORKSHEET

Configure Group Policy Objects and Microsoft® Baseline Security Analyzer (MBSA)
Course Name and Number: Student Name: Instructor Name: Lab Due Date:

Overview
In this lab, you used group policy objects to create a minimum password length password policy and link it to the newly created domain from the previous lab. You also ran the Microsoft® Baseline Security Analyzer (MBSA) and reviewed the results of the MBSA scan.

Lab Assessment Questions & Answers
1. Describe two options you would enable in a Windows Domain password policy.

2. Is there a setting in your GPO to specify how many logon attempts will lock out an account? Name two

parameters that you can set to enhance the access control to the system.

4
3. What are some password policy parameter options you can define for GPOs that can enhance the CIA for
Configure Group Policy Objects and Microsoft® Baseline Security Analyzer (MBSA)

system access?

38351_LB04_Pass2.indd 65

26/02/13 11:57 PM

66

Lab #4 | Configure Group Policy Objects and Microsoft® Baseline Security Analyzer (MBSA)
4. If the virtual lab had direct Internet access, from what sources could you use as a source to perform the MBSA security state?

5. What does WSUS stand for, and what does it do?

6. What is the difference between MBSA and Microsoft® Update?

7. What are some of the options that you can exercise when using the MBSA tool?

8. Describe why change control management might be relevant to security operations in an organization.

38351_LB04_Pass2.indd 66

26/02/13 11:57 PM…...

Similar Documents

Information Security

...JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES LABORATORY MANUAL TO ACCOMPANY Security Strategies in Windows Platforms and Applications 1E REVISED 38542_FMxx.indd i 9/5/12 10:48 AM World Headquarters Jones & Bartlett Learning 5 Wall Street Burlington, MA 01803 978-443-5000 info@jblearning.com www.jblearning.com Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com. Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to specialsales@jblearning.com. Copyright © 2013 by Jones & Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner. The Laboratory Manual to accompany Security Strategies in Windowa Platforms and Applications is an independent publication and has not been authorized, sponsored, or......

Words: 25969 - Pages: 104

Information Security Policy

...GDP, domestic markets and university students?University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Date: 03/25/12 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy 1 4.1. Security of the facilities 1 4.1.1. Physical entry controls 1 4.1.2. Security offices, rooms and facilities 1 4.1.3. Isolated delivery and loading areas 2 4.2. Security of the information systems 2 4.2.1. Workplace protection 2 4.2.2. Unused ports and cabling 2 4.2.3. Network/server equipment 2 4.2.4. Equipment maintenance 2 4.2.5. Security of laptops/roaming equipment 2 5. Access Control Policy 2 6. Network Security Policy 3 7. References 3 Executive Summary Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario. This new strategy guide for Bloom Design Group provides a comprehensive strategy for providing a safe and secure work environment. Several new policies and procedures will be implemented as a result of these new ideas. Bloom Design Group will have little trouble in adhering to the promised plan based on the their assets and......

Words: 3916 - Pages: 16

Harden Windows Xp with Group Policy

...Windows XP with Group Policy Brian Blanchette Strayer University Abstract Hardening client computers is essential when you are using a multi platform based network. Hardening is simply creating security lockdown protocols that will deter any intrusion from the outside and inside of a network. There are several ways to deploy those hardening settings the Security Configuration Wizard Graphic User Interface (SCW GUI), the Scwcmd command line deployment tool, and the Group Policy object (GPO). We will be discussing the GPO deployment method. This hardening procedure is required to maintain a secure operating system and network environment as a network firewall cannot prevent all intrusion that need to be stopped. When using the GPO to deploy security setting to another client computer there are some things that need to be done in order for the set up to be successful. There will be the need for a security risk assessment to be conducted to determine what will need to be protected against and what type of protection levels will need to be implemented. How the hardening (security) policies will be created and deployed to client computers. What type of operating systems is on the network in order to test the policy before it is deployed? With these question answered the hardening process can begin. First the servers and client computers must have the latest updates from their respective software company then the policies......

Words: 673 - Pages: 3

Security Policy

... |MCSD IT Security Plan  | |Type: |MCSD Procedural Plan | |Audience: |MCSD IT Employees and Management | |Approval Authority: |Assistant Superintendent for Technology & Personnel | |Contact: |mail to: bakatsm@marlboroschools.org   | |Status: |Proposed: |January 17, 2010 | | |Approved: |TBA |   [pic] MARLBORO CENTRAL SCHOOL DISTRICT Information Technology Security Plan                  January 17th, 2010 Table of Contents Introduction................................................................................................................ 3 Information Technology Security Safeguards........................................................... 4 Physical Security....................................................................................................... 5 Personnel Security..................................................................................................... 5 Data Communications Security...............

Words: 3526 - Pages: 15

Importance of Security Policies

...Discussion 1 Importance of Security Policies An internet security policy provides employees with rules and guidelines about the appropriate use of company equipment, network and Internet access. Having such a policy in place helps to protect both the business and the employee; the employee will be aware that browsing certain sites or downloading files is prohibited and that the policy must be adhered to or there could be serious repercussions, thus leading to fewer security risks for the business as a result of employee negligence. The Internet Usage Policy is an important document that must be signed by all employees upon starting work. Below is a Sample Internet Usage Policy that covers the main points of contention dealing with Internet and computer usage. The policy can then be tailored to the requirements of the specific organization. External Device use policy regulates access to external storage devices and network resources connected to computers. Device policy helps prevent data loss and leakage and, combined with file scanning, helps guard against security risks. You can configure Device Control policies for internal and external clients. Office-Scan administrators typically configure a stricter policy for external clients. Policies are granular settings in the Office-Scan client tree. You can enforce specific policies to client groups or individual clients. You can also enforce a single policy to all clients. External use device security is becoming an......

Words: 668 - Pages: 3

Configure Basic Security Controls on a Linux Server

...Configure Basic Security Controls on a Fedora Linux Server The students are required to submit their lab assignment answers through this website. All lab assignment questions listed are for each course's week lab activity. This may be a theory based or lab based activity. Lab assessment results and answers are due at the beginning of class the following week. Students are encouraged to perform and submit their lab assessment results immediately upon completion of the lab activity or prior to the due date. During this lab students will properly secure a Linux server system. They will perform steps to secure the bootloader, enable iptables and run SELinux to help lock down the Linux OS. The students will also apply ACLs to directories and files and then check those ACLs and permissions on the system. To accomplish the lab assignment below, students will need to obtain a copy of the Fedora Image provided to you by the Substitute Instructor and complete a basic VMware installation of Fedora. The questions in the lab book will be based on the installation experience. Assigned Pages: 10-26 Questions: 1 through 10. This assignment is due by the beginning of class for Unit 3. 1. What is GRUB and why is it important to lock it down? GRUB stands for Grand Unified Bootloader (1 of 2 boot menus' for the operating system) which is important to lock down is for security reasons. These reasons include being used to start other operating systems (eg. other versions of......

Words: 745 - Pages: 3

Internet Security - Lab 4

...LAB #4 – ASSESSMENT WORKSHEET Configure Group Policy Objects and Microsoft® Baseline Security Analyzer (MBSA) Overview In this lab, you used group policy objects to create a minimum password length password policy and link it to the newly created domain from the previous lab. You also ran the Microsoft® Baseline Security Analyzer (MBSA) and reviewed the results of the MBSA scan. Lab Assessment Questions & Answers 1. Describe two options you would enable in a Windows Domain password policy. Upper and Lower-case letters; Numbers 0-9 2. Is there a setting in your GPO to specify how many logon attempts will lock out an account? Name two parameters that you can set to enhance the access control to the system. Yes; You can change the default access privileges for access levels, and when you configure an account you can give it one of three different levels of privilege: full access, port-configuration access, and read-only access. 3. What are some password policy parameter options you can define for GPOs that can enhance the CIA for Configure Group Policy Objects and Microsoft® Baseline Security Analyzer (MBSA) system access? Passwords should meet a specified length of characters. They should contain at LEAST one letter and one number A password should not be a word from a dictionary Passwords should be changed on a routine basis Passwords should not be the same, or similar, to old passwords 4. If the virtual lab had direct Internet access, from what......

Words: 384 - Pages: 2

Administering and Auditing Group Policy

...members of the administrators group on the server, including attempts to take ownership of the folder. What auditing entries should you configure and implement on the finance folder? When it comes to audit policy, the entries that I would configure and implement in the finance folder would be the audit policy section. With the configuration of the object access settings. I would use the (account management events) section to overlook the finance folder. 2. Which audit policies should you configure? Explain why you are recommending these policies and how they would be maintained as well as monitored. I would configure the local, event log, and restricted group policies. I recommend these settings because they cover the ownership, security and accessibility of the files, as well many other features. I would maintain them by using the Computer Configuration Group Policy Refresh Interval to keep the settings established. 3. Describe how implementing fine grained passwords would be beneficial to the DCH Corporation. What options would you recommend for implementation and how would they be configured? Implementing fine grain passwords would be beneficial to corporation, because you can apply stricter settings to privileged accounts and less strict settings to the accounts of other users. In other cases, I would apply a special password policy for accounts whose passwords are synchronized with other data sources. 4. Explain and detail which security procedures you......

Words: 325 - Pages: 2

Security Policy

...Abstract 3 Security Policy Part 1 4 Computers 4 Switches 4 Personal Drives 5 Patient Database 5 Department Shared Folders 6 Network Configuration 6 Thumb Drives 7 Email Account 7 Account Management 7 Wireless Network 8 Security Policy Part 2 8 Missing 9 Incomplete 9 Inaccurate 10 Ill advised 10 References 12 Abstract This paper is based on two companies and their security policies. Some companies have a security policy that is complete and some companies have a security policy that is incomplete. The company that has a complete security policy will be able to activate that policy when a security violation occurs. The users and network administrator will know exactly what to do to mitigate the incident. The policy should have a corrective action section that will guide the people involved on how to handle the incident. Then there are those companies that have an incomplete plan so when a security violation occurs the whole company is in an up roar because they do not know what to do. These companies will have to mitigate the incident as they go and when this happens the process is not complete leaving things left undone. The best practice for every company is to have a complete and accurate security plan that is reviewed annually. The Security Policy Security Policy Part 1 I work for a hospital so network security is very important when it comes to keeping patient data safe. Ten things that are subject to compromise are: computers, switches,......

Words: 2464 - Pages: 10

Microsoft Active Directory Security

...following paper. “Microsoft Active Directory: How to effectively manage corporate network environments with cost savings” while adhering to the requirements for the final research paper for English 235: Technical Writing. Throughout my report I will show examples of per computer cost savings that can be achieved by using Microsoft Active Directory. These savings can be leveraged on any size corporate network to help make IT services more effective and enhance productivity. I will also explain how Active Directory makes IT management easier in regards to implementing large scale changes while securing the corporate network. The report will show different levels of Microsoft’s Infrastructure Optimization Model, along with options and cost savings. The report will further investigate how each optimization option can save money per PC each year by implementing one of these models. The audience of this report includes Chief Information Officers (CIO) and other leadership personnel from corporations large and small. The report will show how each company can independently profit from taking advantage from one or more of the strategies included. The report will explain the different strategies of the Infrastructure Optimization Model, how they can be implemented and the cost benefit for each. After reading through this report readers should have a greater understanding of how Active Directory secures a network and also how it can save on IT costs. Microsoft Active......

Words: 3558 - Pages: 15

Riordan Enterprise Security Policies

...Riordan Enterprise Security Policies Tim L. Robinson CMGT/430 September 12th, 2011 Instructor: Dave Fedorchak Riordan Enterprise Security Policies Because Riordan’s facilities include three locations in the United States and one in China Smith Systems Consulting views Riordan Manufacturing as an enterprise business. However, an unfortunate reality exists because Riordan’s existing security policies are either nonexistent or inadequate at best for an organization of this size. Consequently, Riordan should seriously consider implementing better security throughout the entire enterprise by defining and creating a Separation of Duties (SoD). In fact, many organizations including the Department of Defense use SoD to decrease security vulnerabilities and discourage collusion by employees for a number of reasons (Gligor, 1998). Therefore, Smith Systems Consulting provides the recommendations and reasoning herein to encourage Riordan to adopt the concepts of Role-Based Access Control (RBAC) to create a SoD throughout the enterprise to reduce risk exposure and enhance Riordan’s enterprise security. Role-Based Access Control Since 2010, research by the National Institute of Standards (NIST) provides indisputable evidence that RBAC has become an increasingly common choice of enterprises with 500 or more employees (National Institute...

Words: 1129 - Pages: 5

Company Security Policy

...------------------------------------------------- Rhombus, Inc. Company Security Policy Rev 1.1.15.12.4 Dec 2015 Editors: Rhombus, Inc. Policy Team 1 Rhombus, Inc. 14 1.1 About This Document 14 1.2 Company History 14 1.3 Company Structure and IT Assets 14 1.4 Industry Standards 15 1.5 Common Industry Threats 15 1.6 Policy Enforcement 16 2 Credit Card Security Policy 17 2.1 Introduction 17 2.2 Scope of Compliance 17 2.3 Requirement 1: Build and Maintain a Secure Network 17 2.4 Requirement 2: Do not use Vendor-Supplied Defaults for System Passwords and Other Security Parameters 18 2.5 Requirement 3: Protect Stored Cardholder Data 19 2.6 Requirement 4: Encrypt Transmission of Cardholder Data across Open and/or Public Networks 20 2.7 Requirement 5: use and Regularly Update Anti-Virus Software or Programs 20 2.8 Requirement 6: Develop and Maintain Secure Systems and Applications 21 2.9 Requirement 7: Restrict Access to Cardholder Data by Business Need to Know 21 2.10 Requirement 8: Assign a Unique ID to Each Person with Computer Access 22 2.11 Requirement 9: Restrict Physical Access to Cardholder Data 22 2.12 Requirement 10: Regularly Monitor and Test Networks 23 2.13 Requirement 11: Regularly Test Security Systems and Processes 25 2.14 Requirement 12: Maintain a Policy that Addresses Information Security for Employees and Contractors 26 2.15 Revision History 29 3 Acceptable Use......

Words: 26545 - Pages: 107

Information Security Policy

... WATERWORLD WATERPARKS Information Security Policy Version 1.0 Revision 191 Approved by John Smothson Published DATE March 23, 2011 CONFIDENTIAL/SENSITIVE INFORMATION This document is the property of WATERWORLD WATERPARKS. It contains information that is proprietary, confidential, sensitive or otherwise restricted from disclosure. If you are not an authorized recipient, please return this document to WATERWORLD WATERPARKS, Attention: IT Director. Dissemination, distribution, copying or use of this document in whole or in part by anyone other than the intended recipient is strictly prohibited without prior written permission of WATERWORLD WATERPARKS Executive Management. Revision History Changes | Approved By | Date | Initial Publication | John Smothson | 3-23-2011 | | | | | | | | | | | | | | | | | | | | | | | | | | | | Table of Contents 1 Introduction and Scope 8 1.1 Introduction 8 1.2 Payment Card Industry (PCI) Compliance 8 1.3 Scope of Compliance 8 2 Policy Roles and Responsibilities 10 2.1 Policy Applicability 10 2.2 Information Technology Manager 10 2.3 Information Technology Department 11 2.4 System Administrators 12 2.5 Users – Employees, Contractors, and Vendors 12 2.6 Human Resource Responsibilities 12 2.6.1 Information Security Policy Distribution 13 2.6.2 Information Security Awareness Training 13 2.6.3 Background Checks 13 3 IT Change Control Policy 15 3.1 Policy Applicability and Overview 15 3.2 Change Request......

Words: 28277 - Pages: 114

Security Policy

...Medical General Hospital Security Policy Introduction Information is an essential asset and is vitally important to Medical General Hospital business operations and long-term viability. Medical General Hospital must ensure that its information assets are protected in a manner that is cost-effective and that reduces the risk of unauthorized information disclosure, modification, or destruction, whether accidental or intentional. The Medical General Hospital Security Policy will adopt a risk management approach to Information Security. The risk management approach requires the identification, assessment, and appropriate mitigation of vulnerabilities and threats that can adversely impact Medical General Hospital information assets and patient records. Objectives • To keep all private patient files confidential • Allow only doctors and nurses access to private documents of patient • Setup username and passwords for employees • Setup badges for contactors and janitors • To comply with all security measures • To make sure private information about company files are prohibited • To make sure all printed documents that can be a threat to the company are shredded and not thrown in trash. • To make sure all staff shutdown workstation after using at the end of the day • To enforce that Surveillance cameras are monitored 24hrs a day 7days a week • To make sure visitors check in at the front before seeing the patient’s • Protect all data from......

Words: 5676 - Pages: 23

Information Security Policy

...Axia College Material Information Security Policy Axia College IT/244 Intro to IT Security Dr. Jimmie Flores April 10, 2011 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy 1 4.1. Security of the facilities 1 4.1.1. Physical entry controls 1 4.1.2. Security offices, rooms and facilities 1 4.1.3. Isolated delivery and loading areas 2 4.2. Security of the information systems 2 4.2.1. Workplace protection 2 4.2.2. Unused ports and cabling 2 4.2.3. Network/server equipment 2 4.2.4. Equipment maintenance 2 4.2.5. Security of laptops/roaming equipment 2 5. Access Control Policy 2 6. Network Security Policy 3 7. References 3 Executive Summary There are several threats to the security of networks and data. While there is no definite way to prevent all of the incidents that can befall a network, by developing a proactive security plan that will encompass many of the known threats data loss and corruption can be minimized. Sunica obtains different levels of customer information and records large amounts of financial information on their network. The best way to prevent the......

Words: 4350 - Pages: 18