...Lab 2 Part 1: 10 points Learning Objectives and Outcomes * Analyze a mixed-version Microsoft Windows environment and identify the issues described in Microsoft Security Advisories. Assignment Requirements You are reviewing the security status for a small Microsoft workgroup LAN. The workgroup contains many distinct separations in the network as determined by group memberships. The network consists of computers working on a variety of client platforms, such as Windows XP, Windows Vista, and Windows 7, and server products in a single environment. An example of the network divisions is as follows: * Windows laptops: Traveling salespeople, remote suppliers, branch offices * Windows desktops: Accounting group, developer group, customer service group * Windows servers: Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server Microsoft Common Vulnerability and Exposures (CVEs) are addressed through security advisories with a corresponding advisory ID. Other CVE sources attach a CVE ID to advisories. Go through the archive of Microsoft Security Advisories at http://technet.microsoft.com/en-us/security/advisoryarchive Answer the following questions based on the advisories for the past 12 months: 1. What vulnerabilities exist for the workgroup LAN listed above based on the advisories? List five of them. Explain what could happen to the LAN for each. 1. Update for Vulnerabilities in Adobe Flash Player in Internet Explorer...
Words: 684 - Pages: 3
...Assessment Worksheet Obtaining Personally Identifiable Information through Internet Research Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored a variety of search engines and social networking Web sites that may contain personal information about you that, in the hands of an identity thief, could compromise and exploit your privacy. You documented the sites that displayed your personal information and suggested methods for controlling access to that information within the specific sites. You also explored the privacy policy of some of the more popular social networking sites. Lab Assessment Questions & Answers 1. Complete the following table to describe the results you discovered about your own personally identifiable information on the Internet. Search Engine Was personal information returned? (Yes or No) Dogpile.com Google.com InstantCheckmate.com AlltheInternet.com WhitePages.com Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Instructor Lab Manual ZabaSearch.com Your local government Web site Facebook LinkedIn Twitter 2. Was there enough personal information returned that could...
Words: 435 - Pages: 2
...Targeted attacks did not start in 2010 and will not end there. in addition, while Hydraq was quickly forgotten and, in time, Stuxnet may be forgotten as well, their influence will be felt in malware attacks to come. Stuxnet and Hydraq teach future attackers that the easiest vulnerability to exploit is our trust of friends and colleagues. Stuxnet could not have breached its target without someone being given trusted access with a USB key. Meanwhile, Hydraq would not have been successful without convincing users that the links and attachments they received in an email were from a trusted source. Social networks. Whether the attacker is targeting a CEO or a member of the QA staff, the internet and social networks provide rich research for tailoring an attack. By sneaking in among our friends, hackers can learn our interests, gain our trust, and convincingly masquerade as friends. Long gone are the days of strange email addresses, bad grammar, and obviously malicious links. A well-executed social engineering attack has become almost impossible to spot. Zero-day vulnerabilities and rootkits. Once inside an organization, a targeted attack attempts to avoid detection until its objective is met. Exploiting zero-day vulnerabilities is one part of keeping an attack stealthy since these enable attackers to get malicious applications installed on a computer without the user’s knowledge. in 2010, 14 such vulnerabilities were discovered. Rootkits also play a role...
Words: 548 - Pages: 3
...Lab 2 worksheet CONFIGURING DNS AND DHCP THIS LAB CONTAINS THE FOLLOWING EXERCISES: Exercise 2.1 Designing a DNS Namespace Exercise 2.2 Creating a Zone Exercise 2.3 Creating Domains Exercise 2.4 Creating Resource Records Exercise 2.5 Creating a Scope Exercise 2.6 Confirming DHCP Server Functionality Exercise 2.7 Configuring DHCP Reservations Workstation Reset: Returning to Baseline Estimated lab time: 100 minutes |Exercise 2.1 |Designing a DNS Namespace | |Overview |You have been tasked with creating a test DNS namespace structure for your organization. Your first | | |task is to design that namespace by specifying appropriate domain and host names for the computers in| | |the division. | |Completion time |15 minutes | 2. In the diagram provided in Figure 2-1, write both the domain names and the fully qualified domain names that you have selected for the computers in the appropriate spaces. Figure 2-1 |Exercise 2.2 |Creating a Zone | |Overview...
Words: 782 - Pages: 4
...LAB REPORT CH-114A Experiment: Properties of gases. Objectives: The objective of the experiment is to see the physical and chemical properties of gases and how to identify the gases when you have to encounter them. OBSERVATIONS: The things I observed during this experiment were bubbles and color change. DATA: Gas Flame reaction Glowing splint Limewater reaction Brothothymol blue reaction Hydrogen: Flame got bigger with popping Flame went out Light brown color Green color Oxygen: Flame lit up quickly Reignited Color red Color blue Hydrogen and Oxygen: No reaction Flame went out Brown color Greenish blueish color Carbon dioxid- No flame No flame Bubbles and then it turns cloudy Bubbles and then it turns yellow Alka Seltzer: Quickley bubbled Breath: No reaction Quickly bubbles and turns cloudy No reaction Turns blue CALCULATIONS: CONCLUSION: In this experiment it made me learn that reactions are way different when you compare them as acidic or basic. QUESTIONS: 1. Give two reasons why we fill the gas generator test tubes almost to the top with chemicals. -We want to make sure we minimize the amount of air so the gas will stay pure, also, some gases react differently with air. The less space so it will less likely affect the results. 2 What happens to the zinc in the hydrogen generation experiment? -The zinc dissolves. 3. What happens to the manganese in the oxygen generation experiment...
Words: 366 - Pages: 2
...Week 2 Lab Compliance Law | Purpose | Requirements | PCI | To enhance security of credit card data. The key pieces of data that can be stolen are: name, credit card number, expiration date, and security code. | 1. Install and maintain a firewall. 2. Do no use defaults. 3. Protect stored data. 4. Encrypt transmissions. 5. Use and update antivirus software. 6. Develop and maintain secure systems. 7. Restrict access to data. 8. Use unique logons for each user. 9. Restrict physical access. 10. Track and monitor all access to systems and data. 11. Regularly test security. 12. Maintain a security policy. | HIPAA | To ensure that health information data is protected. Health information is any data that is created or received by health care providers, health plans, public health authorities, employers, life insurers, schools or universities, and health care clearinghouses. It relates to any past, present, or future health, physical health, mental health, or condition of an individual, and past, present, and or future payments for health care. | Security standards: Specific standards are to be used for storage of data, use of data, and transmission of data.Privacy standards: Data must not be shared with anyone without the express consent of the patient.Penalties: Penalties include mistakes, knowingly obtaining or releasing data, obtaining or disclosing data under false pretenses, and obtaining or disclosing data for personal gain or malicious harm. | FERPA...
Words: 375 - Pages: 2
...Unit 2 Lab Procedure ***IMPORTANT: Read the lab procedure completely before beginning. Reading for Next Week Chapter 11 and 12 in Practical Guide to Red Hat Linux Exercise 1: Virtual Library research Search and explore the ITT Tech Virtual Library for resources on bash. Use the following keywords and phrases to help you locate appropriate resources: * bash scripts * bash history * the bourne shell * bourne again shell * commands in Linux Required Resources Access to the Internet Access to ITT Tech Virtual Library Submission Requirements * Students bring to class the following: * one printed copy of one pertinent resource found through the ITT Tech Virtual Library * one printed copy of one pertinent resource found through the Internet * Students should be prepared to share and discuss one or two critical points from each resource with classmates. * After small group discussion, students will hand in the printed copies of resources for a pass/fail grade. (print an extra copy for yourself to take notes on and keep.) The resources must pertain to the given topic to receive a passing grade. * Note: If the resource shared is a full website or tutorial, you can just print the lead page that gives key information about the content of the resource. (cont’d) Exercise 2: Accessing the man Pages 1. Start the primary system and log in as the regular none-privilege user 2. Read...
Words: 1532 - Pages: 7
...This lab requires you to focus on variable assignment and calculations. Read the following program prior to completing the lab. Write a program that will calculate the cost of installing fiber optic cable at a cost of $0.87 per foot for a company. Your program should display the company name and the total cost. Step 1: Examine the following algorithm as a base for how the program should flow. (Reference: Designing a Program, page 31). 1. Display a welcome message for your program. 2. Get the company name. 3. Get the number of feet of fiber optic to be installed. 4. Multiply the total cost as the number of feet times $0.87. 5. Display the calculated information and company name. Step 2: Think of good variable names for the following pieces of data that will need to be stored with in this program. Purpose of Variable | Variable Name | Stores the cost of fiber | fiberCost | Stores the company name | Companyname | Stores the number of feet to be installed | feetinstalled | Stores the calculated cost of installed fiber | installedcost | Step 3: Complete the following pseudocode based on the algorithm and the variables you declared above. Display “Welcome to the Fiber Optic Calculator Program” Set fiberCost = .87 Display “What is the company name?” Input Companyname Display “How many feet of fiber will be installed?” Input feetinstalled Set 13 Display “For the company”, companyname,”the total cost will be $11.31”,? Now, think...
Words: 429 - Pages: 2
...64+32+16+8+4+1=125 Task 3 on next page Gian Ciannavei; Lab 2 Task 3: Below is an example on how to turn the decimal ‘210’ into a hexadecimal using the division by 16 methods. 210/16=13 R2 13 (lsd) 2 (msd) 16-1 <weights 13-2 <Digits=D2 Next is an example of how to turn a hexadecimal into a decimal, in this case, back to ‘210’. 16*13=208 1*2=2 2+208=210 Note: You can also convert the decimal number into binary and turn the binary number into a hexadecimal. 210/2=105 R0 105/2= 52 R1 52/2=26 R0 26/2=13 R0 13/2=6 R1 6/2=3 R0 3/2=1 R1 ½=1 R1 210=11010010 1101=13 0010=2 13(LSD) 2(MSD) =D2 Task 4: Convert hexadecimal number E7 into a decimal. 14(LSD) 7(MSD) =E7 14*16=224 7*1=7 224+7=231 Gian Ciannavei; Lab2 Convert hexadecimal E7 into binary, and then back to decimal to check answers. 14(LSD) 7(MSD) =E7 14*16=224 7*1=7 224+7=231 231/2=115 R1 115/2=57 R1 57/2=28 R1 28/2=14 R0 14/2=7 R0 7/2=3 R1 3/2=1 R1 ½=1 R1 Binary =...
Words: 317 - Pages: 2
...import java.util.Scanner; public class Lab2{ public static void main(String[]args) { // Create a Scanner object Scanner input " new Scanner(System.in); // Prompt the user to enter two numbers System.out.print("Enter two numbers: "); double number1 = input.nextDouble(); double number2 = input.nextDouble(); // Compute sum double sum = (number1 + number2); // Display result Promt the user to enter two numbers System.out.print("Enter two numbers; "); Double number1 = input.nextDouble(); Double number2 = input.nextDouble(); // Compute sum Double sum = (number1 + number2); // Display result System.out.println("The sum of " + number1 + " " + number2 + " " + " is " " + sum); // Compute difference double difference = (number1 - number2); // Display result System.out.println("The difference of " + number1 + " " + number2 + " is " + difference); // Dispute difference Double difference = (number1 - number2); // Display result System.out.println("The difference of " + number1 + " " + number2 + " is " " + difference); // Compute product double product = (number1 * number2); // Display result System.out.println("The product of " + number1 + " " + number2 + " is " " + product); // Compute quoient Double quoient = (number1 / number2); // Display result System.out.println("The quoient of " + number1 + " " + number2 + " is " " + quoient); // Compute quoient Double quoient " (number1 / number2); // Display result System.out.println("The difference of...
Words: 254 - Pages: 2
...Report on the Factors influencing house prices in Ames, Iowa. Name: Michelle O’ Regan Student number: 114462288 Degree: BSc Finance. Second Year Word Count: 1822 (not including appendix) Submission Date: 14th April, 2016 Introduction Throughout this report I endeavour to present a clear, concise documentation of the factors that influence house prices in Ames, Iowa. I will initiate this report with my estimate of the possible regression based on my economic theory, create a dummy variable in respect to the absence/presence of a garage, followed by a comprehensive description of continuous and discrete variables. Preceding this I aim to report an extensive description of my estimated regression, test said regression for multicollinearity and heteroscedasticity, predict possible solutions to these problems and re run the regression taking into consideration the possible solutions. Main Body Part (a) From my study of econometrics and my knowledge of house prices, the following equation is my estimate of the factors that influence the price of houses PR= f (SI, YD, GA, lnAGE) + + + - (see appendix 1.1 for variable details) My reasoning for the inclusion of the above variables and their predicted signs are as follows: SI: Generally speaking, the larger the home the more you pay as house buyers like to buy houses with as much...
Words: 3224 - Pages: 13
...Kenneth Williams NT2640 LAB2 Setting Router Password Step 4 Router(config-line)# Step 11 Yes it ask for a password and it work with clscopress Step 12 Barney works Config router ip Step 4 It says unassigned Step 10 The ip is 10.1.1.4 Step 11 Yes it did Config SSH Step 4 R1 config-line # Step 7 Config-line now I am in config Step 11 It connect me to R2 user command Terminal history Step 5 It shows 192.168.54.0/29, 3 subnets/192.168.54.64.[120/1] via 192.168.54.34, 00:45:35 Step 6 I see 5 commands I put in Step 8 I see two commands Rebuild a config Step 2 Ip 10.22.1.1, 255.255.0.0,hostname clock rate 1536000, password ciscopress, router config 10.0.0.0,its shutdown on each Step 3 Yes the ping worked Step 4 No it didn’t work Step 5 No it didn’t work Step 6 Yes it did work SSH and Telnet Step 1 10.21.1.1,10.23.2.2,10.21.1.254,10.23.2.254,10.21.0.1,10.23.0.2 Step 2 Yes for use no for enable mode Step 3 SSh and telnet Step 4 Step command incomplete Basic router config I can not find this lab on here. Switch and router security Step 2 No not any subcommand showed up Step 3 No the same happened here Subnetting lab 3 Step 1 I have no clue Step 9 No it does not...
Words: 266 - Pages: 2
...ISM4220 Business Data Communications Wireshark Lab 2 - Ethernet Part I. Capturing and analyzing Ethernet frames Let’s begin by capturing a set of Ethernet frames to study. Do the following: * First, clear your browser’s cache, and start it with a blank page. You may also want to close out all other browsers or web activities (It is important to do this step, so your Wireshark results won’t be overwhelming.) * Start up the Wireshark packet sniffer, and start a packet capture * Enter the following URL into your browser * http://lix1.myweb.usf.edu/about-usf-st-petersburg.htm * Stop Wireshark packet capture. * Save this capture with a name “Lab2 trace1 – yourlastname”, and the default file type should be .pcapng. You will need to submit this trace file, which shows your unique IP address and time stamp to prove the origin of your work. * Now locate the GET and OK packets that your computer communicated with the server that hosts the About USF St. Petersburg web page you’ve just visited. There could be multiple GET and OK packets, depending on the web activities going on. Make sure you get the right GET and OK packet using the info column of the Packet List. Create a lab report using MS Word, and answer the following questions. Q1. Provide the packet #s of the GET and OK packet. When you select the GET message in the packet list, you can see in the Packet Details (middle window), there are 5 section items * Frame ...
Words: 1908 - Pages: 8
...This is newest updated file from today. See below. IP Subnetting Project XUMUC is has the WAN links in place to the new locations in the Houston Region. XUMUC currently has 2 other Regions San Francisco and Denver. Originally, XUMUC was only in one region (San Francisco). The previous consultant did a poor job with the integration resulting in a poor IP address scheme as a result routing tables at the summarization points and at the San Francisco Campus are very large. In addition, no VLAN structure was developed to isolate broadcast traffic. There are 4 main departments in XUMC: sales, finance, human resources, and research and development. Also, there has been some concern that the WAN transport was not able to accommodate the network traffic. The XUMC sales team has added a call center with hours of operation from 9AM-9PM EST. Access to the call center network should be restricted after hours. The research and development department has (3) unique special projects which will require over 1000 devices to be enabled to use IPV6. A new network should be created for this area. Finally, all addresses in the network are statically assigned resulting in high administration overhead when changes are needed XUMC would like this changed to lower administrative overhead. The Board of Director meet and decided to add a Security Analyst role to the team. The new Security Analyst has request the access restrictions be documented. The Finance Department should have restrictions...
Words: 526 - Pages: 3
...Active Directory structure and Domain Controller configuration: DHCP We will be using DHCP for wireless devices. All other devices (servers, printers, lab PCs, switches) will receive static IPs as they will all be permanent fixtures. I have DHCP enabled on both DC’s with a split-scope configured for the wireless address pool. This will help with load-balancing and will ensure that if DC1 goes down, wireless devices will still be able to receive an IP address from DC2. Active Directory Users and Computers User Groups are located under the Users container. All users will be in the Domain Users group, and then will be added to Domain Admins, Server Admins, Faculty, or Students based on role. Guest users will be added to Domain Guests. User accounts are generated with first initial, last name, and a number to distinguish duplicates (e.g. Anthony Matthews becomes amatthews001) Domain Controllers will remain in the Domain Controllers OU, Servers will be in the Servers OU, and workstations will be under the workstations OU in the OU that corresponds to their physical location (i.e. lab 1-3) This will allow us to apply GPOs to all devices based on location and role. Domain Controllers are WestSideDC01 and WestSideDC02, Lab machines are named with Lab name and an assigned number (e.g. Lab1PC1) Group Policy Management Currently I have the following options configured with group policy: Server Admins – adds the Server Admins security group to the Administrators group...
Words: 409 - Pages: 2