Premium Essay

Lab 4 It255

In:

Submitted By dbark
Words 293
Pages 2
1. Define why change control management is relevant to security operations in an organization?
Change control is a systematic way to approaching change. Within an organization, it can prevent the possibility of services becoming interrupted and if so, provide a plan to bring them back up as soon as possible.
2. What type of access control system uses security labels? Label-base access control (LBAC)
3. Describe two options you would enable in a Window’s Domain password policy? Minimum password length and password complexity requirements
4. Where would patch management and software updates fall under in security operations and management? Monitoring, Tracking, Testing
5. Is there a setting in your GPO to specify how many login attempts will lockout an account? Name 2 parameters that you can set to enhance the access control to the system. Account lockout duration and threshold
6. What are some Password Policy parameter options you can define for GPOs that can enhance the C-I-A for system access?
Minimum password length, maximum password age, password must meet complexity requirements, and store passwords using reversible encryption
7. What sources you use as a source to perform the MBSA security state? Computer by Name or IP and multiple Computers by Domain or IP Range
8. What does WSUS stand for, and what does it do?
Windows Server Update Service and it downloads Microsoft updates to a single server and deploys them
9. What is the difference between MBSA and Microsoft Update?
MBSA scans for security vulnerabilities while Microsoft update checks the Microsoft database for available updates. They are two totally different tools.
10. What are some of the options that you can exercise when using the MBSA tool? You can check for Windows administrative vulnerabilities and for security

Similar Documents

Free Essay

Love

...Matt Carlson IT255.XM1.10WTR Instructor Vincent Tran January 9, 2010 Learner Outcome Project Virtual Lab 1 1. Open the Server Manager console on your Windows Server 2008 computer. What selections are available to you in the left pane? The selections available to me include: Roles, Features, Diagnostics, Configuration, and Storage. 2. Using the Windows Help option, describe any roles and features that are currently installed on this server. There are currently no Roles or Features installed on the server. 3. Explain in your own words why it is a best practice to configure a server, such as a DNS server, with a static IP address rather than allowing it to obtain an IP address using DHCP. To put it simply, if the IP address of the server is consistently being changed by DHCP, then the ports that were opened up to allow the server to work through the firewall are going to be remain opened on the server’s old address, and not necessarily on the new one. This could cause applications to not run properly or at all, but worse, could create security vulnerabilities for the network. A static IP address allows other workstations on the network to easily keep track of the server. 4. Explore the netsh command menus. Record three commands that you can issue from the command line using netsh, and describe what each command does. 1. Exec- runs a script file 2. Add- adds a configuration entry to a list of entries 3. Online- sets the current mode...

Words: 3462 - Pages: 14

Premium Essay

It255

...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications ...

Words: 4114 - Pages: 17

Premium Essay

Seeking Help

...IT255 Introduction to Information Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems ...

Words: 4296 - Pages: 18

Premium Essay

Lab 1 & Assessment Questions

...IT255 Lab 1 & Assessment Questions Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-28 19:38 Eastern Standard Time Nmap scan report for 172.30.0.10 Host is up (0.0054s latency). Not shown: 92 closed ports PORT STATE SERVICE 53/tcp open domain 88/tcp open kerberos-sec 135/tcp open msrpc 139/tcp open netbios-ssn 389/tcp open ldap 445/tcp open microsoft-ds 1025/tcp open NFS-or-IIS 1027/tcp open IIS MAC Address: 00:0C:29:99:40:7B (VMware) Skipping SYN Stealth Scan against 172.30.0.75 because Windows does not support scanning your own machine (localhost) this way. Nmap scan report for 172.30.0.75 Host is up. PORT STATE SERVICE 7/tcp unknown echo 9/tcp unknown discard 13/tcp unknown daytime 21/tcp unknown ftp 22/tcp unknown ssh 23/tcp unknown telnet 25/tcp unknown smtp 26/tcp unknown rsftp 37/tcp unknown time 53/tcp unknown domain 79/tcp unknown finger 80/tcp unknown http 81/tcp unknown hosts2-ns 88/tcp unknown kerberos-sec 106/tcp unknown pop3pw 110/tcp unknown pop3 111/tcp unknown rpcbind 113/tcp unknown auth 119/tcp unknown nntp 135/tcp unknown msrpc 139/tcp unknown netbios-ssn 143/tcp unknown imap 144/tcp unknown news 179/tcp unknown bgp 199/tcp unknown smux 389/tcp unknown ldap 427/tcp unknown svrloc 443/tcp unknown https 444/tcp...

Words: 1062 - Pages: 5