SEC370 All Labs( 1 – 6) – Screenshots provided where needed – Perfect Solution – Instant Delivery

Lab Price = 65
Please feel free to send us your queries at: support@iqrajavaid.com
Payment methods

Add to Cart

Buy Now

View Cart


Problem Statement




Lab 1 – You Decide

You Decide
Perform reconnaissance on a target company of your choice using Google, their website, Whois, and nslookup to find out
• where the company is;
• who works there;
• what IP addresses comprise its network;
• what its mailserver IP is;
• what its URL is; and
• How many other sites link to it.
The data you will be collecting for this activity will be used to help complete your Course Project Assignments for the next several weeks. Access the You Decide activity page by clicking on the item in the left-hand navigation for more details.




Lab 2 – Create Firewall Rules

Create Firewall Rules
In this exercise, you will configure Inbound and Outbound Windows Firewall rules.
Please refer to your course material or use your favourite search engine to research for more information about this topic.
Task 1: Enable Firewall and Verify Inbound Rules
Step 1
Ensure you have powered on the required devices and connect toPLABWIN701 device.
Go to system tray and right-click on network icon, choose OpenNetwork and Sharing Centre.

Step 2
Click Windows Firewall.

Step 3
Verify that Windows Firewall is enabled for all network profiles –Domain, Home or network and Public.
Click Advanced settings.

Step 4
In Windows Firewall with Advanced Security, go to InboundRules.
Right-click on File and Printer Sharing (Echo Request –ICMPv4-In) – Private, Public and choose Enable.

Step 5
Verify that File and Printer Sharing (Echo Request – ICMPv4-In) – Domain is Enabled.
Minimize Windows Firewall with Advanced Security.

Step 6
Ensure you have powered on the required devices and connect toPLABWIN810 device.
Right-click network icon and choose Open Network and SharingCenter.

Step 7
From Network and Sharing Centre, click Windows Firewall.

Step 8
Verify that Windows Firewall state is On for all network profiles – Domain, Private and Guest or private networks.
Click on Advanced settings link.

Step 9
On Windows Firewall with Advanced Security, go to InboundRules and right-click on File and Printer Sharing (Echo Request- ICMP-v4-In) Domain and choose Enable Rule.
Note that green tick, indicating that ICMPv4 packets will pass through the interface.

Step 10
Right-click on File and Printer Sharing (Echo Request – ICMP-v4-In) Private and choose Enable Rule.
Minimize Windows Firewall with Advanced Security.

Step 11
Open command prompt and type
ping 192.168.0.5

You should get the usual four standard replies.
Minimize command prompt window.

Step 12
Go to PLABWIN701 and open a command prompt. Type
ping 192.168.0.4

You get the four standard replies.
Minimize command prompt window.

Task 2: Configure Outbound Rules and Test Connectivity
Step 1
Go to PLABWIN810 device and reopen Windows Firewall withAdvanced Security.
Navigate to Outbound Rules and right-click on File and PrinterSharing (Echo Request – ICMPv4-Out) Domain, chooseProperties.

Step 2
On File and Printer Sharing (Echo Request- ICMPv4-Out)Properties, select Enabled box and Block the connectionoption.
Click OK.

Step 3
Right-click on File and Printer Sharing (Echo Request -ICMPv4-Out) Private, Public choose Properties.

Step 4
On File and Printer Sharing (Echo Request- ICMPv4-Out)Properties, select Enabled box and Block the connectionoption.
Click OK.

Step 5
Restore command prompt window and type
ping 192.168.0.5

Notice the General failure message as the Outbound interface has blocked ICMP packet from leaving.

Step 6
Go back to Windows Firewall with Advanced Security and right-click the File and Printer Sharing (Echo Request-(ICMPv4-Out) Domain and choose Disable Rule.

Step 7
Right-click the File and Printer Sharing (Echo Request-(ICMPv4-Out) Private, Public and choose Disable Rule.

Step 8
Reopen command prompt.
Verify that ICMP packets are allowed to go through the Outbound interface. Type
ping 192.168.0.5

Shut down all virtual machines used in this exercise using Practice Labs power button function to revert these devices to their default settings.
Alternatively, you may sign out of the lab portal to power down all devices.




Lab 3 – You Decide Activity

You Decide Activity
Review the Public Key Infrastructure, Hashing and Digital Signatures, Cryptography: Public Key Encryption, and Cryptology tutorials in the lecture.
Go to http://nmap.online-domain-tools.com/, and generate a report for your PC.
Go to http://www.md5decrypter.co.uk, and decrypt the following.
• 5f4dcc3b5aa765d61d8327deb882cf99—MD5
• 200ceb26807d6bf99fd6f4f0d1ca54d4—MD5
• 391d878fd5822858f49ddc3e891ad4b9—NTLM
• a2345375a47a92754e2505132aca194b—NTLM
The data you will be collecting for this activity will be used to help complete your Course Project assignments for the next several weeks. Access the You Decide activity page by clicking on the item in the left-hand navigation for more details.
Submit your assignment to the Dropbox, located at the top of this page. For instructions on how to use the Dropbox, read these step-by-step instructions.
See the Syllabus section “Due Dates for Assignments & Exams” for due date information.




Lab 4 – Disabling Unnecessary Services

Disabling Unnecessary Services
In this exercise, you will disable unnecessary services for laptops that are taken by users outside of the corporate network. It is essential that unneeded network services are turned off to minimize the number of ports that are open when these mobile computers are connected to the public network such as the Internet.
Please refer to your course material or use your favourite search engine to research for more information about this topic.
Task 1: Create a Policy to turn off non-essential services
In this step, you will use group policy to disable non-essential network services on user computers.
Step 1
Ensure you have powered on the required devices and connect to PLABC01.
In Server Manager, go to Tools > Active Directory Users andComputers.

Step 2
Expand PRACTICELABS.COM and click Create a new organisationalunit in the current container icon.

Step 3
In New Object-Organizational Unit, type
Mobile Computers

Click OK.

Step 4
Go to Computers container, select PLABWIN701, PLABWIN801 andPLABWIN810 devices.
Right-click on the selection and choose Move…

Step 5
In the Move box, select Mobile Computers and click OK.
Close Active Directory Users and Computers.

Step 6
Go back to Server Manager, go to Tools > Group PolicyManagement.

Step 7
Right-click on Mobile Computers and choose Create a GPO in thisdomain and link it here…

Step 8
In New GPO box, type Mobile Computers Restrictions, then click OK.

Step 9
Right-click on Mobile Computers Restriction and choose Edit…

Step 10
In Group Policy Management, go to Computer Configuration >Policies > Windows Settings > Security Settings > SystemServices.
In the right-details pane, right-click on Themes and chooseProperties.

Step 11
On Themes Properties, select Define this policy setting box and choose Disabled.
Click OK.

Step 12
In Group Policy Management, go to Computer Configuration >Policies > Windows Settings > Security Settings > SystemServices.
In the right-details pane, right-click on Server and choose Properties.

Step 13
On Server Properties, select Define this policy setting box and choose Disabled.
Click OK.

Step 14
In Group Policy Management, go to Computer Configuration >Policies > Windows Settings > Security Settings > Local Policies >Security Options
Right-click on Accounts: Rename administrator account and chooseProperties.

Step 15
In the Accounts: Rename administrator account… click Define thispolicy setting and type
Localpcadmin

Click OK.

Step 16
In Group Policy Management, go to Computer Configuration >Policies > Windows Settings > Security Settings > Local Policies >Security Options
Right-click on Interactive logon: Message text for users attemptingto log on and choose Properties.

Step 17
In the Interactive logon: Message text for users… click Define thispolicy setting in the template and type
This workstation is for authorised users only. Log on to this system is monitored for compliance to security policies.

Click OK.

Step 18
Right-click on Interactive logon: Message title for users attemptingto log on and choose Properties.

Step 19
In the Interactive logon: Message title for users… click Define thispolicy setting in the template and type
Notice

Click OK. Close Group Policy Management Editor and Group Policy Management console.

Task 2: Verify Computer Policy Restriction
Step 1
Switch to Practice Labs web application, click Disable/Enable autologin button.
Verify that x is displayed.
Select PLABWIN701 and click on Reboot this device button.

Step 2
Connect to the PLABWIN701 device after about 1 minute. Then login with the following credentials:
John.smith

Passw0rd

Step 3
Click Agree if you see the BGInfo license agreement page.
Click Start, in Search programs and files box, type
Services.msc

Press enter.

Step 4
Verify that Themes is Disabled.
Right-click on it and choose Properties.

Step 5
Notice that the controls to start and change the Start-up type of this service are not available. Click OK and close Services.

Step 6
Click Start and in Search for programs and files box, type
Gpupdate /force

Press Enter. Log off John Smith.

Step 7
Reconnect to PLABWIN701. Verify that the log on message screen is displayed. Click OK.
Note: If the log on message did not appear, restart PLABWIN701.

Step 8
Sign on as practicelabs\administrator password is Passw0rd

Step 9
Click Start, right-click Computer and choose Manage…

Step 10
Go to Local Users and Groups node, click Users and verify thatLocalpcadmin is present.
This is the renamed Administrator built-in account. The account was renamed because of group policy object.
Close Computer Management and log off Administrator.

Leave all devices powered on in their current state and proceed to the next exercise.

Exercise 2 – Protecting Management Interfaces and Applications
In this exercise, you will use group policy objects to protect certain programs from being run by regular users. You will prevent some users to run applications that are not allowed by system administrators.
Please refer to your course material or use your preferred search engine to research this topic in more detail.
Task 1: Disallow users to run some Windows applications
Step 1
Switch to PLABDC01. Go back to Server Manager, go to Tools >Group Policy Management.

Step 2
Right-click on EMEA and choose Create a GPO in this domain andlink it here…

Step 3
In New GPO box, type
Prohibit Access to Control Panel

Click OK.

Step 4
Right-click on Prohibit access to Control Panel and choose Edit…

Step 5
In Group Policy Management Editor, go to User Configuration >Policies > Administrative Templates > Control Panel.
Right-click on Prohibit access to Control Panel and PC settings, choose Edit.

Step 6
In Prohibit access to Control Panel and PC settings, choose Enabled.
Click OK.

Step 7
Back in Group Policy Management Editor, go to User Configuration >Policies > Windows Settings > Security Settings.
Right-click on Software Restriction Policies and select NewSoftware Restriction Policies.

Step 8
Two sets of folders will appear.
Right-click on Additional Rules and choose New Path Rule…

Step 9
From New Path Rule, use the following settings:
Path: C:\Windows\system32\cmd.exe
Security level: Disallowed
Click OK. Close Group Policy Management Editor window.

Task 2: Set a Network Password Policy
Step 1
In Group Policy Management console, right-click on Default DomainPolicy and choose Edit…

Step 2
In Group Policy Management Editor, go to Computer Configuration> Policies > Windows Settings > Security Settings > AccountPolicies and click on Account Lockout Policy.
Right-click on Account lockout threshold and choose Properties.

Step 3
In Account Lockout threshold, change the value to
3

Click OK.

Step 4
If the suggested value change appears, click OK to accept the changes.
Close Group Policy Management Editor window. Keep Group Policy Management console running.

Task 3: Verify the network restrictions
Step 1
Switch to PLABWIN701 and sign on as jan.regus password isPassw0rd

Step 2
Click Agree if you see the BGInfo License Agreement page.
Click Start and in Search programs box, type
Cmd

Press Enter.

Step 3
A message box appears indicating that command prompt is blocked by group policy. Click OK.

Step 4
Click again on Start and in Search box, type
Control

Press Enter.

Step 5
A message box appears, indicating control panel is not allowed to be used by the user currently signed on.
Click OK. Log off Jan Regus from PLABWIN701.

Leave all devices powered on in their current state and proceed to the next exercise.

Exercise 3 – Renaming Unnecessary Accounts for Security
In this exercise, you will rename the Guest account which is common to all Windows devices. This account although disabled is provided with the system for convenience purposes-mostly useful for part time users of a network.
Please refer to your course material or use your preferred search engine to research this topic in more detail.
Task 1: Create Policy for Guest Account
Step 1
Switch back to PLABDC01 and reopen Group Policy Management Console.
Expand Forest: PRACTICELABS.COM > Domains >PRACTICELABS.COM. Right-click on Default Domain Policy and choose Edit.

Step 2
In Group Policy Management Editor, go to Computer Configuration> Policies > Windows Settings > Security Settings > Local Policiesand click on Security Options.
Right-click on Accounts: Rename guest account and chooseProperties.

Step 3
In Accounts: Rename guest account… select Define this policysetting box. Type:
Visitor

Click OK.
Close Group Policy Management Editor and Group Policy Management console.

Step 4
Go to Practice Labs web application, select PLABWIN701 and chooseReboot this device button.

Step 5
When PLABWIN701 is done rebooting (green light is on) connect to it and sign on as practicelabs\administrator password is Passw0rd

Step 6
Click Start and right-click Computer choose Manage.

Step 7
Go to Local Users and Groups, go to Users container and verify thatVisitor user account is available.

Shut down all virtual machines used in this exercise using Practice Labs power button function to revert these devices to their default settings.
Alternatively, you may sign out of the lab portal to power down all devices.
Summary
In this module you learnt how to secure a network by doing the following tasks:
How to disable unnecessary services to minimize the attack surface of a computer
How to protect certain programs from being accessed by regular users using group policy.
How to rename non-essential built in user accounts to prevent those accounts from being used by unauthorised users.




Lab 5 – Policy Paper

Policy Paper
Review the Network Attacks tutorial in the lecture.
Submit a three- to five-page (800–1,200-word) security policy write-up for the antivirus, spyware, and adware policies for a medium-sized organization. Be sure to suggest security tools, and set up a schedule for maintaining a company that is free of infestations of malware.




Lab 6 – Authentication Methods

Authentication Methods
In this exercise, you will see two different authentication methods in action by forcing the user to log on to access a web server.
Please refer to your course material or use your preferred search engine to research this topic in more detail.
Task 1: Configure Authentication Methods
Step 1
Ensure you have powered on the required devices defined in the introduction connect to SERVER device.
Click Start go to Administrative Tools and select InternetInformation Services (IIS) Manager.

Step 2
Expand SERVER > Sites > Default Web Site.
In details pane, go to IIS section and double-click the Authenticationicon.

Step 3
Select Anonymous Authentication and in the Actions pane, clickDisable.
Select Basic Authentication and in the Actions pane, click Enable.

Step 4
Ensure you have powered on the required devices defined in the introduction connect to CLIENT device.
Start WireShark from desktop.

Step 5
Click Capture menu and choose Options.

Step 6
In WireShark: Capture Options dialogue box, change the network interface, so that the IP address indicates 192.168.0.2
Click in Capture Filter and type port 80 then click Start.

Step 7
Open Internet Explorer and browse to http://server
At the authentication prompt insert the following credentials:
User name: classroom\administrator

Password: Pa$$w0rd

Press Enter.

Step 8
The default IIS page should be displayed.

Step 9
Close the browser.
Switch to WireShark and click Capture menu and choose Stop.

Step 10
Click in the Filter box and type
http

Click Apply.
Look for the HTTP packets described as “GET / HTTP/1.1″.

Step 11
With this packet selected, expand the Hypertext Transfer Protocolanalysis in the middle pane.
Look for the Authorization line.
Expand the Authorization option and you will see the credentials you supplied are shown in clear text.

Step 12
The string after “Basic Y2xh…” is the encoded version. Unlike a cryptographic code, this requires no special key or passphrase to decode however.

Step 13
Connect back to SERVER device and open the default web site’sAuthentication property sheet in IIS Manager again.
Select Basic Authentication and in the Actions pane, click Disable.

Step 14
Select Windows Authentication and in the Actions pane, clickEnable.

Step 15
Right-click on Windows Authentication and choose Providers…

Step 16
In Providers dialogue box, select NTLM and choose Move up.
Click OK.

Step 17
Switch to the CLIENT device. Go to Wireshark and click Capturechoose Start.

Step 18
Select Continue without saving.

Step 19
Open Internet Explorer and browse to http://server
The default IIS page should be displayed.

Step 20
Switch to Wireshark and go to Capture then select Stop.
Close the browser.

Step 21
Look for GET / HTTP/1.1, NTLMSSP_NEGOTIATE packet in Wireshark.
Also look for additional GET/HTTP/1.1 packets which can provide additional information about authentication.
Expand the Hypertext Transfer Protocol and locate theAuthorization field. You will notice that the user credentials are no longer displayed in clear text but a long security identifier string.

Step 22
Right-click any HTTP packet and select Follow TCP Stream.
Note that the contents of the web page delivered are easily readable. Also note the information about the browser (user-agent) used.

Step 23
The TCP stream content is displayed in the console so that you can track what has network traffic has taken place during the session.
Take note of the Authorization section. Click Close.
Exit from WireShark. Choose Quit without Saving when asked.

Step 24
Switch back to SERVER device and open the default web site’sAuthentication property sheet in IIS Manager again.
Select Windows Authentication and in the Actions pane, clickDisable.

Step 25
Select Anonymous Authentication and in the Actions pane, clickEnable.

Leave all devices powered on in their current state and proceed to the next exercise.

Exercise 2 – Encryption
Most operating systems have built-in encryption tools for protecting user data on corporate computers. In this exercise, you will use encrypting file system (EFS) to protect data stored on a computer.
Please refer to your course material or use your preferred search engine to research this topic in more detail.
Task 1: Use Data Encryption Recovery Agent
Step 1
Switch to SERVER and go to Start > Administrative Tools > ActiveDirectory Users and Computers.

Step 2
Go to Users container and click New User button.

Step 3
From New Object – User, use the following values:
First name: John
Last name: Smith
User logon name: john.smith
Click Next.

Step 4
Type
Passw0rd

In each text and clear User must change password at next logon
Click Next.

Step 5
Click Finish.

Step 6
Right-click on John Smith and choose Add to a group…

Step 7
From Select Groups box, type
Domain admins

Click Check Names and then OK.

Step 8
Click OK.
Close Active Directory Users and Computers.

Step 9
Click Start, go to Administrative Tools > Group Policy Management.

Step 10
Right-click on Default Domain Policy and choose Edit…

Step 11
In Group Policy Management Editor, go to Computer Configuration> Policies > Windows Settings > Security Settings > Public KeyPolicies and click Encrypting File System.
Right-click Administrator and choose All Tasks > Export…

Step 12
Click Next in Welcome to the Certificate Export Wizard page.

Step 13
In Export Private Key page, select Yes, export the private key.
Click Next.

Step 14
From Export file format, select Include all certificates in thecertification path if possible.
Click Next.

Step 15
In Password page, type
Pa$$w0rd

Pa$$w0rd

In each text box and then click Next.

Step 16
In File to Export, type
C:\administrator

Click Next.

Step 17
Click Finish to close Completing the Certificate Export Wizard page.

Step 18
Click OK.
Close Group Policy Management Editor and Group Policy Management console.

Task 2: Test Data Encryption
Step 1
Switch to Practice Labs web application. Select PLABDC01 and clickDisable/Enable Auto login.
Verify that x icon is displayed.

Step 2
Connect to CLIENT device and use the following credential:
John.smith

Passw0rd

Step 3
Click Agree if presented with the BGInfo license agreement page.
Right-click on Start and choose Explore…

Step 4
Create a folder in Local disk C and name it JohnSmith

Step 5
Create a text document in c:\JohnSmith folder and call it Confidential.

Step 6
Right-click on JohnSmith folder and choose Properties.

Step 7
In JohnSmith Properties, click Advanced…

Step 8
In Advanced Attributes, select Encrypt contents to secure data.
Click OK twice.

Step 9
From Confirm Attribute Changes, verify that Apply to changes to thisfolder, subfolders and files is selected.
Click OK.

Step 10
Right-click on Confidential text document and choose Properties.

Step 11
From Confidential Properties, click Advanced…

Step 12
From Advanced Attributes, click Details.

Step 13
From Encryption Details dialogue, notice that the recovery agent is the Administrator account.
Click OK thrice.

Step 14
Log off John Smith from CLIENT device.

Task 3: Export Data Recovery Certificate
Step 1
Connect to CLIENT. Log on using the following credential
Administrator

Pa$$w0rd

Step 2
Open Windows Explorer and go to c:\JohnSmith folder.
Double-click Confidential text document.

Step 3
The administrator gets an Access is denied message. Click OK.
Close Notepad and minimize Windows Explorer.

Step 4
Click Start and go to Run box, then type
Mmc

Press Enter.

Step 5
From Console1, go to File > Add/Remove Snap-in…

Step 6
From Add/Remove Snap-in, click Add…

Step 7
From Add Standalone Snap-in, click on Certificates. Choose Add.

Step 8
In Certificates snap-in, click My user account. Click Finish.

Step 9
Click Close then OK.

Step 10
Right-click on Personal and choose All Tasks > Import…

Step 11
Click Next in Welcome to the Certificate Import Wizard.

Summary
In this module, you learnt how to configure the different authentication methods in Internet Information Services.
You tested their security by capturing a network trace using WireShark.
A way to protect user data in a workstation is by using Encrypting File System (EFS). It is important that a recovery agent certificate must be in place to recover encrypted data from a computer.

Step 12
In File to Import, type
\\server\c$\administrator.pfx

Click Next.

Step 13
In Password page, type
Pa$$w0rd

Click Next.

Step 14
In Certificate Store page, click Next.

Step 15
Click Finish to close Completing the Certificate Import Wizard.

Step 16
Click OK then close Console1 without saving changes.

Step 16
Open Windows Explorer and go to c:\JohnSmith folder. OpenConfidential text document.

Step 17
Confidential text document opens without errors.
Close Notepad and log off Administrator from CLIENT device.

Shut down all virtual machines used in this exercise using Practice Labs power button function to revert these devices to their default settings.
Alternatively, you may sign out of the lab portal to power down all devices.

Relevant Material
Screenshots
Lab 1: Screenshot

Lab1: Screenshot

Lab 2: Screenshot 2

Lab 2: Screenshot 2

Lab 2: Screenshot 1

Lab 2: Screenshot 1

Lab 4: Screenshot

Lab 4: Screenshot 1

Lab 5: Screenshot

Lab 5: Screenshot

Lab 6: Screenshot

Lab 6: Screenshot

Instructions
* If you want to purchase multiple products then click on “Buy Now” button which will give you ADD TO CART option.Please note that the payment is done through PayPal.
* You can also use 2CO option if you want to purchase through Credit Cards/Paypal but make sure you put the correct billing information otherwise you wont be able to receive any download link.
* Your paypal has to be pre-loaded in order to complete the purchase or otherwise please discuss it with us at support@iqrajavaid.com.
* As soon as the payment is received, download link of the solution will automatically be sent to the address used in selected payment method.
* Please check your junk mails as the download link email might go there and please be patient for the download link email. Sometimes, due to server congestion, you may receive download link with a delay.
* All the contents are compressed in one zip folder.
* In case if you get stuck at any point during the payment process, please immediately contact us at support@iqrajavaid.com and we will fix it with you.
* We try our best to reach back to you on immediate basis. However, please wait for atleast 8 hours for a response from our side. Afterall, we are humans.
* Comments/Feedbacks are truely welcomed and there might be some incentives for you for the next lab/quiz/assignment.
* In case of any query, please donot hesitate to contact us at support@iqrajavaid.com.
* MOST IMPORTANT Please use the tutorials as a guide and they need NOT to be used for any submission. Just take help from the material.
******************************************** Good Luck ***************************************************
Privacy Policy
We take your privacy seriously and will take all measures to protect your personal information.
Any personal information received will only be used to fill your order. We will not sell or redistribute your information to anyone.
Refund Policy
Incase you face any issues with the tutorial, please free to contact us on support@iqrajavaid.com
We will try our best to resolve the issue and if still persists we can discuss for a refund in case its required.
Payment Details
Lab Price = $65
Please feel free to send us your queries at: support@iqrajavaid.com

Payment methods

Add to Cart

Buy Now

View Cart