Nt2580 Lab3

In: Computers and Technology

Submitted By estradamus
Words 431
Pages 2

Lab #3 | Enable Windows Active Directory and User Access Controls


Enable Windows Active Directory and User Access Controls
Course Name and Number: Student Name: Instructor Name: Lab Due Date:

This lab provides students with the hands-on skills needed to create a new Active Directory domain in Windows Server 2003 and demonstrates how to configure a centralized authentication and policy definition for access controls. The Active Directory users and workstation plug-ins will be used to create users, groups, and configure role-based access permissions and controls on objects and folders in a Windows Server 2003 Active Directory system.

Lab Assessment Questions & Answers
1. What two access controls can be set up for Windows Server 2003 folders and authentication?

Authentication and Access control.

2. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of

access controls and permissions are probably configured?

List Folder Contents

3. What is the Windows tool that allows you to administer granular policies and permissions on a Windows

network using role-based access?

Group Policy Editor

38351_LB03_Pass2.indd 50

26/02/13 11:54 PM

Assessment Worksheet


4. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve

CIA for departmental LANs, departmental folders, and data.

creates security principals in the Active Directory domain partition

5. Would it be a good practice to include the account or user name in the password? Why or why not?

It is not a good idea to have a user name in the password, because it easy for people can try to hack or decode the password.

6. Can a user who is defined in the Active Directory access a shared drive if that user is not part of


Similar Documents

Nt2580 Unit 1

...NT2580 Unit 1 Assignment 1 Multiple Choice 1. Violation of a security policy by a user. C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews. 2. Disgruntled employee sabotage. I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance. 3. Download of non-business videos using the internet to an employer-owned computer. A. Enable content filtering and antivirus scanning at the entry and exit points of the internet. Enable workstation auto-scans and auto-quarantine for unknown file types. 4. Malware infection of a user’s laptop. L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 5. Unauthorized physical access to the LAN. N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials. 6. LAN server operating system vulnerabilities. F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments. 7. Download of unknown file types from unknown sources by local users. B. Apply file transfer monitoring, scanning, and alarming for unknown......

Words: 366 - Pages: 2

Nt2580 Definitions

...NT2580 Unit 1Assign 1 Crystal Johnson 1. Violation of a security policy by a user… (C) Place an employee on a probation, review acceptable use policy (AUP) and the employee manual, and discuss status during performance reviews. 2. Disgruntled employee sabotage…(I) Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance. 3. Download of non-business videos using the Internet to an employer-owned computer…..(A) Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-quarantine for unknown file types. 4. Malware infection of a user’s laptop…. (L) Use workstation antivirus and malicious code policies, standards, procedures, and guidelines.Enable an automated antivirus protection solution that scans and updates individual workstation with proper protection. 5. Unauthorized physical access to the LAN…..(N) Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials. 6. LAN server operating system vulnerabilities….. (F) Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments. 7. Download of unknown file types from unknown sources by local users…. (B) Apply file transfer monitoring, scanning, and alarming for unknown file types and...

Words: 372 - Pages: 2

Nt2580 Week2 Unit2 Homework.Pdf

...Barrero, Carlos Sat morning NT2580 Unit 1 Assignment 2 Impact of a Data Classification Standard The user domain is the first layer of the IT infrastructure I will discuss that is affected by the “internal use only” standard. It is the first layer and what some believe to be the weakest in the infrastructure. The user domain is where personal information is created and obtained for internal use only. Each person will have set permissions on what they can and cannot do. This way no one person can mess up or delete anything that doesn’t need to be (Jones and Bartlett Learning). The work station domain is the second layer of the infrastructure that I will discuss. This is also affected by the “internal use only” standard. This layer is where the user can access the network and any applications or information on the system. This requires a user to login with a password or authentication of some kind. This has to be done before this person can get to this information. This will help keep people out that aren’t supposed to be accessing the information (Jones and Bartlett Learning). The LAN to WAN domain is the third layer of the infrastructure I will discuss. I feel this is also affected by the “internal use only” standard. The TCP and UDP are not safe due the fact these are the enter and exit points of the network. This allows all the private information on the network at Richman Investments easy accessible for others outside of the network (Solomon). These are what I......

Words: 313 - Pages: 2


...NT2580 DEREK GRASSER LAB 7 1. Describe the differences between symmetric key cryptography and Asymmetric key cryptography. Ans: Symmetric key cryptography is older and only uses one key to encrypt and decrypt. Asymmetric key cryptography is newer than symmetric and uses two different keys to decrypt and decrypt, a public key and a private key. 2. How can public key cryptography be used for nonrepudation? Ans: The cryptography will be able to tell who it came from and what time it happened. Gives all the information needed. 3. How do digital signatures ensure the integrity of a message and verify who wrote it? Ans: Digital Signatures apply the same functionality to an e-mail message or data file that a handwritten signature does for a paper-based document. The Digital Signature vouches for the origin and integrity of a message, document or other data file. 4. What is a Certificate authority? (CA) Ans: In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. The digital... Certificate_authority. 5. What are the fields and their purpose that make up distinguished name of an X.509 certificate? Ans: is an ITU-T standard for a public key infrastructure (PKI) and Privilege Management Infrastructure (PMI). X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation......

Words: 262 - Pages: 2


...NT2580 UNIT 1 ASSIGNMENT 2 IMPACT OF DATA CLASSIFICATION STANDARD 1.) User Domain This Domain is where only one user will have access to it.   This can be configured to internal use only.   By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point.   The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to.   Also, every user on the company is responsible for the security of the environment. 2.) Workstation Domain Workstation Domain is where all the users work.   Before a user can log into the machine, he/she will need to be verified in order to gain access.   At Richman Investments, we provide very secure access for the employee workstations with a username and password.   A security protocol requires the password to be changed every 30 days.   All computers maintain regular updates and continuous antivirus protection for monitoring.   Additionally, no personal devices are allowed on the network. 3.) LAN Domain The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain.   The LAN Domain is a collection of computers connected to one another or to a common medium.   All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by......

Words: 332 - Pages: 2


...Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to be governed by remote access. The IS Dept. is responsible for maintaining the access and access rights and prividgles and restricted as needed by user roles in the organization. All data is encrypted and transmitted via remote and encrypted and used by the vpn tunnel. VPN access will be terminated on a 3 month basis and must be renewed by revisiting based on your access role and permissions. [continues] Read full essay Cite This Essay APA (2013, 07). Nt2580 unit 3 assignment 1 remote access control policy def. StudyMode.com. Retrieved 07, 2013, from http://www.studymode.com/essays/Nt2580-Unit-3-Assignment-1-Remote-1853418.html MLA MLA 7 CHICAGO...

Words: 339 - Pages: 2

Nt2580 Introduction to Information Security

...NT2580 Introduction to Information Security STUDENT COPY: FINAL EXAM 30. What does risk management directly affect? a. b. c. d. Company investments Security policy framework Security controls Number of employees 31. Which of the following is a cipher that shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A? a. b. c. d. Transposition Vigenere Caesar Vernam 32. Identify a security objective that adds value to a business. a. b. c. d. Revocation Authorization Anonymity Message authentication 33. Which of the following is an asymmetric encryption algorithm? a. b. c. d. AES 3DES RSA RC4 34. Identify a security principle that can be satisfied with an asymmetric digital signature and not by a symmetric signature. a. b. c. d. Nonrepudiation Integrity Authorization Access control 35. Which of the following is a mechanism for accomplishing confidentiality, integrity, authentication, and nonrepudiation? a. b. c. d. Cipher text Cryptography Access control Hashing © ITT Educational Services, Inc. All Rights Reserved. -8- 02/12/2012 NT2580 Introduction to Information Security STUDENT COPY: FINAL EXAM 36. In which OSI layer do you find FTP, HTTP, and other programs that end users interact with? a. b. c. d. Application Network Physical Data Link 37. Identify the configuration that is best for networks with varying security levels, such general users, a group of users working on a secret research project,......

Words: 658 - Pages: 3

Nt2580 Week 1

...ITT Technical Institute 3825 West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief......

Words: 530 - Pages: 3

Nt2580 Unit 5.1

...NT2580 Unit 5.1 James Ward Security Events Authentication failures and unauthorized access attempts can be found in the log files. They contain complete records of all security events (logon events, resource access, attempted violations of policy, and changes in system configuration or policies) and critical system events (service/daemon start/stop, errors generated, system warnings) that can allow an admin to quickly discover the root cause of any issues. A sudden increase in traffic can indicate that either your web site has been mentioned on a popular news site and people are checking it out, or it may mean that someone is up to no good. Security breaches Removable storage devices that might contain malware, filtered only when passing through the network could be a problem. Solution: Limiting the privileges of users adapted to the duties assigned to the individual. Making it clear that no removable storage devices are to be brought into the network under no circumstance unless necessary and properly screened first. Passwords that meet security requirements but remain easily guessable are a hazard and could affect a network. Solution: Implementing a change of password every so often. Implement the strategy that requires a combination of letters and numbers, and a minimum of a 30 day password renewal policy. Information on a laptop that is not encrypted would be a huge security issue. It would be likely that there would be some sort of damage in the event of......

Words: 265 - Pages: 2

Nt2580 Course Objectives

...ITT Technical Institute NT2580 STUDENT COURSE PACKAGE Bring this with you each week Students are required to complete each assignment and lab in this course package on time whether or not they are in class. Late penalties will be assessed for any assignments or labs handed in past the due date. The student is responsible for replacement of the package if lost. Table of Contents Syllabus 2 Class Policy 15 Unit Assignments 17 Unit 1 17 Unit 2 22 Unit 3 28 Unit 4 34 Unit 5 38 Unit 6 44 Unit 7 51 Unit 8 58 Unit 9 66 Unit 10 71 Course Project 74 Virtual Lab Instructions 79 ITT Technical Institute NT2580 Introduction to Information Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 56 (34 Theory Hours, 22 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: NT1330 Client-Server Networking II or equivalent, NT1430 Linux Networking or equivalent Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definitions of terms, concepts, elements and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Where Does This Course Belong? This course is required for the associate degree program in Network......

Words: 17829 - Pages: 72


...NT2580 Lab 2 ANSWERS 1. What is the application ZenMap GUI typically used for? Describe a scenario in which you would use this type of application. It’s used for port scanning. It can be used to see what hosts are on the network and to see what services they are running. 2. What is the relationship between risks, threats and vulnerabilities as it pertains to Information Systems Security throughout the seven domains of a typical IT infrastructure? Threats and vulnerabilities lead risks, if you don’t have then then you don’t have any risk of anyone getting into your network 3. Which application is used for Step #2 in the hacking process to perform a vulnerability assessment scan? That would be Nessus is the application used. 4. Before you conduct an ethical hacking process or penetration test on a live production network, what must you do prior to performing the reconnaissance and probing and scanning procedures? You must get written permission 5. What is a CVE listing? Who hosts and who sponsors the CVE database listing website? A CVE (Common Vulnerabilities and Exposures) are known vulnerabilities and also show you how to patch them. They are from the Mitre Corporation but are under contract for Homeland Security and NCSD. 6. Can ZenMap GUI detect what operating systems are present on IP servers and workstations? What would that option look like in the command line if running a scan on Yes it can detect what OS are being used. The......

Words: 350 - Pages: 2

Nt2580 Remote Access Policies

...NT2580 Week 2 Essay Create a Remote Access Policy Definition NT2580 The requirements for establishing a secure connection between remote locations vary between organizations. The needs of the organization are based on the type of information and data being transferred, as well as the sensitivity of the information. There are several options available to networks to get their data sent securely and reliably. All seven layers of the OSI model must be taken into account when designing secure Remote Access Control Policies. In order to create a secure remote connection between offices in Atlanta, San Francisco, Chicago, and Dallas, a WAN link would be the best type of connection. A dedicated WAN link would offer the organization a secure, reliable, dedicated P2P type of connection. Wide Area Network links would be monitored by the owners of the lines that connect each location. Leased lines from the providers will allow for scalability with potential growth. The downside to this type of connection is the expense and an internet connection is not necessarily provided by the link. In order to add to the security of the network physical and logical access controls are necessary. Logical implementations added to the network will be Acceptable, Email, and Wireless Use policies, Antivirus and firewall software, as well as Extranet, Interconnection, and Host Security. In order to ensure the physical assets, as well as employees, physical security must also be considered.......

Words: 704 - Pages: 3

Nt2580 Project 1

...NT2580 Roxana Project 1 Multi Layered Security Plan Keeping information assets secure is challenging for any business, regardless of its size. It seems there’s no limit to the ingenuity and maliciousness of today’s cybercriminals, hackers and identity thieves. In fact, hackers have become so sophisticated and organized that their operational methods are similar to those of traditional software development and business practices. When developing a multi layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains will increasing the security on each of those seven domains will increase the overall security of the system and create a multi layered security plan. In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower cases and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. Project Part 1 Multi Layered Security Plan. Richman Investments 1 General This MLS plan will give a brief overview of the security strategies that will be implemented at each level of the IT infrastructure. 2 User Domain A) The usage of security awareness training to instruct employees of Richman investments......

Words: 479 - Pages: 2

En1320 Lab3

...Alyssa Bauman En1320 Lab3 “Why We Crave Horror Movies” by Steven King presents an intriguing philosophy of watching horror movies. I believe that the purpose behind this article is to appeal to the reader’s unrealized dark side. King implies that are able to overcome their hysterical fear of things when they’re confronted with it and watching a horror movie is the easiest way to do that. He explains that in some way we all have this courage to overcome our deepest fears and one of the ways we show it is placing ourselves, in this case a movie theater, directly in front of what we know will scare us. The intended audience for this article is most likely the younger age demographic. Horror Movies are especially popular with ages 15-35. When you are younger you have this need to seek out new experience and thrills. Throughout the essay King directs a message to the young by making a comparison of horror movies to roller coasters describing the excitement that is felt throughout the ride. King is trying to persuade his reading audience to watch horror movies that bring his popularity up because he has books that have been made into movies. Although persuasive, King's article does not have factual evidence to solidify his argument that we all crave horror movies. The article uses many rhetorical strategies such as: compare and contrast, analysis and evaluation, cause and effect, absolutes, generalizations, and assumptions. King's ability to use these strategies......

Words: 373 - Pages: 2

Phys216 Lab3

...Worksheet for Interactive Lab3: Circular Motion Name _____________ Physics 216 Grade ___/42 Date ______ Circular motion is one of the fundamental building blocks for understanding the physical world because it is so common. This interactive lets you examine the basic ideas of kinematics and forces for objects moving in circular motion. 1. (6 points) Use the controls under Show Vectors to draw arrows for several different quantities. The velocity vector is drawn in a special way: a big, bold arrow showing its direction and magnitude, plus smaller arrows for its horizontal and vertical components. * How are the directions of the acceleration and force vectors related? Force has a magnitude and a direction, and it is a vector. If a force is applied to an object, the object will accelerate in proportion to the magnitude of the force and in the direction of the applied force * What about the directions of the velocity and force vectors? The velocity of the object changes in response to the application of force. * And how are they influenced by the increase in mass and velocity slide bars? This question can be answered by the equation F = ma or force equals the product of mass and acceleration. An increase in mass or acceleration will result in more force. 2. (6 points) The large slider on the left changes the angle at which you view the spinning system. Try watching the motion from above (the default) and from the side. What would the system look......

Words: 1008 - Pages: 5