In: Computers and Technology

Submitted By Mazyck
Words 363
Pages 2
Configure Active Directory and Implement Departmental and User Access Controls
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
In this lab, you configured Windows Active Directory to create Department and User accounts, and set unique read/write folder and fi le access privileges. You used the Windows Configuration Applet and Group Policy Management console to create and test configurations and read/write of several fi les with specific access controls. You also used group policy objects to restrict access to certain users and groups at the directory, folder, and fi le level.
Lab Assessment Questions & Answers
1. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve
CIA for departmental LANs, departmental folders, and data.
2. Is it a good practice to include the account or user name in the password? Why or why not?
3. To enhance the strength of user passwords, what are some of the best practices to implement for user password definitions to maximize confidentiality?
4. Can a user defined in Active Directory access a shared drive if that user is not part of the domain?
5. Does Windows Server 2008 R2 require a user’s logon/password credentials prior to accessing shared drives?
6. When looking at the Active Directory structure for Users and Computers, which group has the least amount of implied privileges?
7. When granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend implementing to maximize CIA of production systems and data?
8. When granting access for the ShopFloor group to the SFfi les within the SFfi les folder, what must be configured within Active Directory?
9. When granting access for the HumanResources group to access the HRfi les within the HRfi les…...

Similar Documents

Issc342 Assignment 1

...1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit. When considering the security of a system you will need to determine all the possible threats, vulnerabilities, and attacks. You will also need to consider the appropriate tradeoffs between security on one hand, and usability and cost on the other. A threat is the possibility of system compromise. For example, a threat could be the potential for unauthorized people to gain access to sensitive information, such as credit card information or health records. Microsoft (2005) Threats usually involve confidential information. An attack takes advantage of an existing vulnerability. For example, suppose a malicious user knows that some users have weak passwords and tries guessing them until gaining access to restricted resources. It is important to realize the different types of security attacks you might encounter. Once you understand these, you will learn the appropriate countermeasures to take. Microsoft (2005) The three main types of attacks are: Disclosure of data, Corruption of data, and Denial of service. Disclosure refers to unauthorized or inappropriate access to sensitive data. This is probably the most common form of attack. An example of disclosure is a file that holds confidential payroll information. If this file finds its way into the hands of someone who should not be privy to the data, then the data has been disclosed. Data corruption is......

Words: 496 - Pages: 2

Common Forms of Attacks on Microsoft Systems

...COMMON FORMS OF ATTACKS ON MICROSOFT SYSTEMS Corey Slate ISSC342 Professor Peter Mylonakos American Public University July 13, 2014 COMMON FORMS OF ATTACKS ON MICROSOFT SYSTEMS Ever since the Microsoft Company was founded in 1975, they have been working in the computer industry with one mission on their minds. The ability to enable people and businesses throughout the world to realize their full potential by creating technology that transforms the way people work, play, and communicate (Microsoft, 2014). Throughout the company’s journey to accomplish their mission they have had great success being a front runner in the development of operating systems for personal computers and even branching out into the mobile device world of today. With their many successes, however, as come some small setbacks that have caused the company problems in the past, the present, and surely in the future as well. What are these setbacks that can frustrate a major company like Microsoft, the answer is technology. The Microsoft Company has been using the advances in technology to lead their company to the top of the personal computer operating systems world for over a decade. They have developed many types of operating systems with many different versions to appease the different types of people and companies that require their operating systems to function on a daily level. However, with technology advancing attackers, or hackers, use the new technology to seek and exploit......

Words: 584 - Pages: 3

Issc342 Lab 3 Q&a

...Lab 3 Questions and Answers 1. Within a Microsoft® Windows 2008 server R2 environment, who has access rights to the EFS features and functions in the server? Only the users that have been given the rights to encrypt files and have rights to encrypt and decrypt. 2. BitLocker can enable three modes of access control on drives. List these three modes. The three modes are TPM, PIN, and USB. 3. What feature and function can you enable to mitigate the risk caused by USB thumb drives moving confidential data to/from a USB hard drive? You can use either a smartcard or a USB key/password through windows prompts. 4. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords? Well whenever you encrypt BitLocker drives and use BitLocker passwords, windows will give you options of ways to store the passwords. You can save to a USB flash drive, save to a file, or print the recovery key out. 5. What encryption algorithm is supported by BitLocker? The main type is Asymmetric algorithm. 6. What is the Trusted Platform Module (TPM) within BitLocker, and how does this verify the integrity of the workstation domain and laptop boot process? (TPM) uses a microchip to manage and protect the key used for volume encryption and decryption. BitLocker uses a combination of TPM, PIN, and USB keys to verify the integrity of the boot processes. 7. How do you grant additional......

Words: 467 - Pages: 2

Issc342 Lab4

...Lab #4 Operating Systems: Hardening and Security March 1st, 2015 Lab Assessment Questions & Answers 1. What is the one thing that a virus, a worm, spyware, and malicious code have in common? What are the differences among these three threats: a virus, a worm, and spyware? A virus, worm and spyware all have in common that they replicate themselves into the network’s system. Some of the differences between the three are that worms can edit files, viruses need a host file to propagate itself and a spyware can steal very sensitive information within the network. 2. How often should you update your antivirus protection? You should update your antivirus protection daily to always keep your network secured. 3. Why is it a best practice to have and to carry an antivirus boot-up disk or CD? It is best practice to use an antivirus boot-up or CD because it can bypass any files that are meant to protect the malware from being detected during scans. 4. In a corporate environment, should new antivirus definitions be installed as soon as they are available? Yes, in a corporate environment antivirus programs should be installed right away to protect the company’s files. 5. Is the manual quick scan good enough protection for a system? No a manual quick scan is not good enough protection for a system the files also have to be deleted. 6. What best practices for the workstation domain that can mitigate the risks and threats caused by malicious code...

Words: 421 - Pages: 2


...Running head: Cyber Security Securing Networks Wagner, Juan ISSC342 ABSTRACT As our dependency on technology grows so does the need to protect the data contained in them. We live in a world where digital imaginary data has become just as important if not more than actual physical work these machines perform. One of the biggest jobs for any respectable firm is the ability to protect its information from the unrelenting attacks by hackers, insiders, social engineers and software exploits. this is an on going struggle that will never end. The reality is there is no way to fully and completely protect a network. The second best thing we can do as IT professionals is ensure protocols that have resulted in having a more secure network are being met. Since most of the errors in the world are human errors we must take extra consideration when securing a network. Computers don't make mistakes only people make mistakes. Finally as professionals we must do our job in researching new exploits, tools and reasons why someone would want to perform a cyber attack on said company. INTRODUCTION In the IT world knowledge is power, and there is much to be learned if a corporation is to be able to perform at an AAA level. There are many things that can go wrong in regards to intellectual property. Some of those things are certificates, classification of data, and how computing devices are used. In conjunction with the material professionals also should be actively researching...

Words: 1917 - Pages: 8

Lab 3 Questions

... Removing Malware: Tools and Techniques Devan A. Dunham American Military University, ISSC342, Instructor Peter Mylonakos In the digital world, there are many tools and techniques to harm your computer, but there are also the same for protecting your computer as well. Malware, or malicious software, is software that is intended to damage or disable computers and computer systems. It is very dynamic and can be hard to detect sometimes because it may disguise itself as something that should be running on your computer. For example, after installing a program, Jim doesn’t realize that the executable file he downloaded was infected with malware named “Wajam” but disguised itself as “Software Updater” under Control Panel. It ran in the background and updated itself automatically without Jim’s knowledge. So how would Jim detect and remove this virus? First, Jim should always be aware what is running on his computer. On Windows machines specifically, opening the Task Manager and taking a quick look at processes will give the user a good outlook on what is running on the computer. Users should look for anything suspicious or unknown processes and do further research upon discovering them. Another simplified way to discover malware is to use an anti-virus program. There are many available to users and doing a quick internet search will yield thousands of programs, but sticking with reputable programs will serve its purposes. Scanning for malware and other viruses is as simple as......

Words: 579 - Pages: 3