Ch 10 Labs

You work as the IT security administrator for a small corporate network. You are configuring the computer in Office 1 to use Data Execution Prevention (DEP) for all programs and services. You have noticed that the accounting program used on some computers does not function well when DEP is enabled. In this lab, your task is to configure DEP as follows: Enable DEP for all files. Disable DEP for C:\Program Files (x86)\AccountWizard\AccountWizard.exe. Restart the computer to activate DEP.

Access the Advanced system settings (System Properties). Right-click Start and then select System. From the left pane, select About. From the right pane, under Related settings, select System info. Select Advanced system settings to open the System Properties dialog. Configure Data Execution Prevention. From the Advanced tab, under Performance, select Settings. Select the Data Execution Prevention tab. Select Turn on DEP for all programs and services except those I select. Select Add. Open the C:\Program Files (x86)\AccountWizard folder. Select AccountWizard.exe. Select Open. Make sure AccountWizard.exe is selected and then select OK. Select OK to confirm that a system restart is needed. Select OK to close System Properties. Select Restart Now to restart the computer and activate DEP.

You are the IT security administrator for a small corporate network. You are increasing network security by implementing application whitelisting. Your first step is to prevent applications not located in the operating system directory or the program files directory from running on your computers. In addition, the call center application used by the support team runs from C:\CallCenter\CallStart.exe and must be allowed to run. You also want any future versions of the call center application to run without changing any settings. In this lab, your task is to configure AppLocker in the default domain policy as follows: Create the default rules. Allow all files located in the Program Files folder. Allow all files located in the Windows folder. Configure a publisher rule that will allow future updates from the same vendor. Allow the Support group to run the call center software found in C:\CallCenter\CallStart.exe.

Access the CorpNet.local domain under Group Policy Management. From Server Manager's menu bar, select Tools > Group Policy Management. Maximize the window for better viewing. Expand Forest: CorpNet.local > Domains > CorpNet.local. Access the AppLocker policy. Right-click Default Domain Policy and select Edit. Maximize the window for better viewing. Under Computer Configuration, expand and select: Policies > Windows Settings > Security Settings > Application Control Policies > AppLocker. Configure rule enforcement. From the right pane, select Configure rule enforcement. Under Executable rules, select Configured. Make sure Enforce rules is selected in the drop-down list. Select OK. Configure a Publisher rule and allow the Support group to run the call center software. From the left pane, expand AppLocker. Right-click Executable Rules and then select Create New Rule. Select Next. Make sure Allow is selected. For User or group, click Select. In the Enter the object names to select box, type Support and then select OK. Select Next. Make sure Publisher is selected; then select Next. For the Reference file, select Browse. Browse to and select the C:\CallCenter\CallStart.exe file. Select Open. Slide the pointer from File version to Publisher and then select Next. Select Next. Accept the default name and select Create. Select Yes to create the default rules.

You use Google Chrome as your web browser on the desktop computer in your dorm room. You are concerned about privacy and security while surfing the web. You are also concerned about exploits that harvest data from your Google Chrome browsing history. In this lab, your task is to delete the following items from your Google Chrome browser history for all time: Browsing history Download history Cookies and other site data Cached images and files Hosted app data

Delete all items from your Google Chrome history. From the Windows taskbar, select Google Chrome. In the upper right, select the ellipsis (three dots) and then select History > History. Maximize the window for easier viewing. Select Clear browsing data. Select Advanced. For the Time range field, use the drop-down menu to select All time. Make sure the following items are checked: Browsing history Download history Cookies and other site data Cached images and files Hosted app data Select Clear data.

Answer Question 2.

Look up Blake Jackson's account balance. From the taskbar, select Google Chrome. Maximize the window for easier viewing. In the URL field, type mysecureonlinebank.com and then press Enter. In the Enter your Account Number field, enter 90342. Select Lookup. Answer Question 1. In the top right, select Answer Questions. Answer Question 1. Perform a simple SQL attack. In the Enter your Account Number field, enter 0 OR 1=1 for the SQL injection. Select Lookup. Answer Question 2 and then select Score Lab.

Open the IIS Manager to the CorpNet.xyz site. From the Server Manager's menu bar, select Tools > Internet Information Services (IIS) Manager. Expand CorpWeb(CorpNet.com\Administrator) > Sites. Select CorpNet.xyz. Add a binding to the CorpNet website. From the Actions pane (far right), select Bindings. Select Add. Using the Type drop-down menu, select HTTPS. Make sure the port is set to 443. Using the SSL certificate drop-down menu, select www.CorpNet.xyz and then select OK. Select Close.

Open the IIS Manager to the CorpNet.xyz site. From the Server Manager's menu bar, select Tools > Internet Information Services (IIS) Manager. Expand CorpWeb(CorpNet.com\Administrator) > Sites. Select CorpNet.xyz. Add a binding to the CorpNet website. From the Actions pane (far right), select Bindings. Select Add. Using the Type drop-down menu, select HTTPS. Make sure the port is set to 443. Using the SSL certificate drop-down menu, select www.CorpNet.xyz and then select OK. Select Close.