CySA+_257L

In this lab, your task is to: Determine which rainbowcrack charset includes all the characters required for your company's website password requirements. Create md5 and sha1 rainbow tables using rtgen. Sort the rainbow tables using rtsort. Analyze the passwords using rcrack. Answer the questions. The type of charset that can be used to create a rainbow table is stored in the /usr/share/rainbowcrack/charset.txt file. This file can be viewed using the cat command. (2/2)

Q1 Which charset supports the company's password requirements? -ascii-32-95 Q2 What is the password for hash 202cb962ac59075b964b07152d234b70? -lmnop Q3 What is the password for hash 400238780e6c41f8f790161e6ed4df3b?-S3cur3Dev!ce Q4 What is the password for hash 89BF04763BF91C9EE2DDBE23D7B5C730BDD41FF2? -DisneyL@nd3 Q5 Which of the passwords found do not meet the company's password policy? -lmnop

Allow the following MAC and IP address to pass through the portal: MAC: 00:00:1C:11:22:33 IP: 198.28.1.100/16 Give the IP address the description of Security analyst's laptop (2/2)

see above

In this lab, your task is to complete the following: Approve the pending certificate request for a smart card certificate from mlopez. Deny the pending web server certificate request for CorpSrv16. User bnguyen lost his smartcard. Revoke the certificate assigned to bnguyen.CorpNet.com using the Key Compromise reason code. User tsutton has left his company. Revoke the certificate assigned to tsutton.CorpNet.com using the Change of Affiliation reason code. Unrevoke the CorpDev2 certificate. (2/2)

see above

You are the security analyst for a small corporate network. You are attempting to improve the password security of the Windows 10 laptop located in the Lobby. In each policy, the Explain tab provides a description of the policy's effects to help you identify the policies and values to configure. In this lab, your task is to use the Local Security Policy tool to configure password restrictions as follows: New passwords cannot be the same as the previous 4 passwords. Passwords must be changed every 30 days. New passwords cannot be changed for at least 2 days. Passwords must be at least 10 characters long. Passwords must contain non-alphabetical characters. Automatically unlock locked accounts after 1 hour. Lock the user account after four incorrect logon attempts within a 40-minute period. Policy changes will not be enforced within the simulation.

Complete this lab as follows: Access the Local Security Policy. Select Start > Windows Administrative Tools. Select Local Security Policy. Maximize the window for easier viewing. Configure the password policies. From the left pane, expand and select Account Policies > Password Policy. Double-click the policy you want to configure. Configure the policy settings. Select OK. Repeat steps 2b-2d to configure additional policies. Configure the account lockout policies. From the left pane, select Account Lockout Policy. Double-click the policy you want to configure. Configure the policy settings. Select OK. Repeat steps 3b-3d to configure policy settings.

You are the security analyst for a small corporate network. You are currently using pfSense as your security appliance. In this lab, your task is to: Change the password for the default pfSense account from pfsense to: Donttre@donme Create a new administrative user with the following parameters: Username: lyoung Password: C@nyouGuess!t Full Name: Liam Young Group Membership: admins Set a session timeout of 20 minutes for pfSense. Disable the webConfigurator anti-lockout rule for HTTP. Access the pfSense management console through Google Chrome using: http://198.28.56.22 Default username: admin Password: pfsense

Complete this lab as follows: Access the pfSense management console. From the taskbar, select Google Chrome. Maximize the window for better viewing. In the Google Chrome address bar, enter 198.28.56.22 and then press Enter. Enter the pfSense sign-in information as follows: Username: admin Password: pfsense Select SIGN IN. Change the password for the default (admin) account. From the pfSense menu bar, select System > User Manager. For the admin account, under Actions, select the Edit user icon (pencil). For the Password field, change to Donttre@donme. For the Confirm Password field, enter Donttre@donme. Scroll to the bottom and select Save. Create and configure a new pfSense user. Select Add. For Username, enter lyoung. For the Password field, enter C@nyouGuess!t. For the Confirm Password field, enter C@nyouGuess!t. For Full Name, enter Liam Young. For Group Membership, select admins and then select Move to Member of list. Scroll to the bottom and select Save. Set a session timeout for pfSense. Under the System breadcrumb, select Settings. For Session timeout, enter 20. Select Save. Disable the webConfigurator anti-lockout rule for HTTP. From the pfSense menu bar, select System > Advanced. Under webConfigurator, for Protocol, select HTTP. Select Anti-lockout to disable the webConfigurator anti-lockout rule. Scroll to the bottom and select Save.

You are the security analyst for a small corporate network. To increase security for the corporate network, you have installed the pfSense network security appliance on your network. Using pfSense, you now need to configure DNS and a default gateway. In this lab, your task is to: Sign in to pfSense using the following case-sensitive information: URL: 198.28.56.22 Username: admin Password: pfsense Configure the DNS servers as follows: Primary DNS server: 163.128.78.93 - Hostname: DNS1 Secondary DNS server: 163.128.80.93 - Hostname: DNS2 Configure the WAN IPv4 information as follows: Enable the interface. Use a static IPv4 address of 65.86.24.136/8 Add a new gateway using the following information: Type: Default gateway Name: WANGateway IP address: 65.86.1.1

Complete this lab as follows: Access the pfSense management console. From the taskbar, select Google Chrome. Maximize the window for better viewing. In the address bar, type 198.28.56.22 and then press Enter. Sign in using the following case-sensitive information: Username: admin Password: pfsense Select SIGN IN or press Enter. Configure the DNS Servers. From the pfSense menu bar, select System > General Setup. Under DNS Server Settings, configure the primary DNS server as follows: Address: 163.128.78.93 Hostname: DNS1 Gateway: None Select Add DNS Server to add a secondary DNS server and then configure it as follows: Address: 163.128.80.93 Hostname: DNS2 Gateway: None Scroll to the bottom and select Save. Configure the WAN settings. From pfSense menu bar, select Interfaces > WAN. Under General Configuration, select Enable interface. Use the IPv4 Configuration Type drop-down to select Static IPv4. Under Static IPv4 Configuration, in the IPv4 Address field, enter 65.86.24.136. Use the IPv4 Address subnet drop-down to select 8. Under Static IPv4 Configuration, select Add a new gateway. Configure the gateway settings as follows: Default: Select Default gateway Gateway name: Enter WANGateway Gateway IPv4: 65.86.1.1 Select Add. Scroll to the bottom and select Save. Select Apply Changes.

You are the security analyst for a small corporate network. Part of your role is to ensure secure access to the company website. You want to verify that the passwords being used meet the company's requirements. To do this, you captured some password hashes in a file named captured_hashes.txt and saved it in the /root directory. You want to use a rainbow table to analyze the passwords captured in this hash file to see if they meet the company's website requirements. The password requirements for your website are as follows: The password must be eight or more characters in length. The password must include at least one upper and one lowercase letter. The password must have at least one of these special characters: !, ", #, $, %, &, _, ', *, or @ All passwords are encrypted using an md5 or sha1 hash algorithm. (1/2)

Complete this lab as follows: Determine which rainbowcrack charset includes all the character required for your company's password requirements. From the Favorites bar, select Terminal. At the prompt, type cat /usr/share/rainbowcrack/charset.txt Press Enter. In the top right, select Answer Questions. Answer Question 1. Create and sort an md5 and sha1 rainbow crack table. At the prompt, type rtgen md5 ascii-32-95 1 20 0 1000 1000 0 and press Enter to create a md5 rainbow crack table. Type rtgen sha1 ascii-32-95 1 20 0 1000 1000 0 and press Enter to create a sha1 rainbow crack table. Type rtsort . and press Enter to sort the rainbow table. Analyze the passwords using rcrack. Type rcrack . -l /root/captured_hashes.txt and press Enter to crack the password contained in a hash file. Answer Questions 2-5. Select Score Lab.

You are the security analyst for a small corporate network. To protect your Bluetooth devices from attacks, you want to discover which Bluetooth devices are running in your company and gather information about each of them. In this lab, your task is to use the Terminal to: Use hciconfig to discover and enable the onboard Bluetooth adapter. Use hcitool to find all of the Bluetooth devices. Answer Question 1. Use l2ping to determine if the Bluetooth device is alive and within range. Answer Question 2. Use sdptool to query Francisco's laptop to determine the Bluetooth services available on the device. Answer Question 3. Use hcitool to determine the clock offset and class for Brian's Braven Speaker device. Answer Question 4.

Complete this lab as follows: Initialize the Bluetooth adapter. From the Favorites bar, select Terminal. At the prompt, type hciconfig and press Enter to view the onboard Bluetooth adapter. Type hciconfig hci0 up and press Enter to initialize the adapter. Type hciconfig and press Enter to verify that the adapter is up and running. Find all Bluetooth devices within range. Type hcitool scan and press Enter to view the detected Bluetooth devices and their MAC addresses. In the top left, select Answer Questions. Answer Question 1. Determine if the Bluetooth devices found are in range. Type l2ping MAC_address and press Enter to determine if the Bluetooth device is in range. Press Ctrl + c to stop the ping process. To copy the MAC addresses from the scan, highlight the MAC address and then right-click. Repeat steps 3a-3b for all the devices. Answer Question 2. Find details for Francisco's laptop using sdptool. Type sdptool browse AF:52:23:92:EF:AF and press Enter to view the details for Francisco's laptop. Answer Question 3. Find details for Brian's Echo Show using hcitool. Type hcitool inq and press Enter to determine the clock offset and class for each device. Answer Question 4. Select Score Lab. Q1 As a result of the scan, how many devices were found?-6 Q2 How many of the devices scanned were alive and in range?-6 Q3 Which service searches were successful on Francisco's Precision Laptop?-Ad Hoc User Service, Device ID Service Record Q4 Using the MAC address, what is the class ID number for the Brian;s Braven speaker? 0x248080

Based on your review of physical security, you have recommended several improvements. Your plan includes smart card readers, IP cameras, signs, and access logs. Implement your physical security plan by dragging the correct items from the shelf into the various locations in the building. As you drag the items from the shelf, the possible drop locations are highlighted. In this lab, your task is to: Install the smart card key readers in the appropriate locations to control access to key infrastructure. Install the IP security cameras in the appropriate locations to record which employees access the key infrastructure. Install a Restricted Access sign in the appropriate location to control access to the key infrastructure. Add the visitor log to a location appropriate for logging visitor access.

Complete this lab as follows: Install the smart card key readers. From the Shelf, expand Door Locks. Drag a Smart Card Reader from the shelf to the highlighted location outside the building's front door. Drag a Smart Card Reader from the shelf to the highlighted location outside the Networking Closet's door. Install the IP security cameras. From the Shelf, expand CCTV Cameras. Drag the IP Security Camera from the shelf to the highlighted circle inside the Networking Closet. Drag the IP Security Camera from the shelf to just outside the Networking Closet. Install the Restricted Access sign. From the Shelf, expand Restricted Access Signs. Drag the Restricted Access Sign from the shelf to the Networking Closet door. Install the visitor log. On the Shelf, expand Visitor Logs. Drag the Visitor Log from the shelf to the Lobby desk.

You are the security analyst for a small corporate network. The receptionist, Maggie Brown, uses an iPad to manage employee schedules and messages. You need to help her make the iPad more secure. The current simple passcode for her iPad is 3141. In this lab, your task is to: Set a secure passcode on the iPad as follows: Require a passcode: After 5 minutes New passcode: youwontguessthisone Turn simple passcodes off. Configure the iPad to erase data after 10 failed passcode attempts.

Complete this lab as follows: On the iPad, set Require Passcode for 5 minutes. Select Settings. From the left menu, select Touch ID & Passcode. Enter 3141 for the passcode. From the right pane, select Require Passcode Select After 5 minutes. Turn off simple passcodes. At the top, select Passcode Lock. Next to Simple Passcode, slide the switch to turn off simple passcodes. Enter 3141 for the passcode. Enter youwontguessthisone as the new passcode and then select Next. Enter youwontguessthisone to re-enter the new passcode and then select Done. Configure the iPad to erase data after 10 failed passcode attempts. From the Touch ID & Passcode page, next to Erase Data, slide the switch to enable Erase Data. Select Enable.

You are the security analyst for a small corporate network. You want to make sure that guests visiting your company have limited access to the internet. You have chosen to use pfSense's captive portal feature. Guests must pass through this portal to access the internet. In this lab, your task is to: Access the pfSense management console: Username: admin Password: P@ssw0rd (zero) Add a captive portal zone named WiFi-Guest. Use the description Guest wireless access zone Using the GuestWi-Fi interface, configure your portal as follows: Allow a maximum of 50 concurrent connections. Disconnect user from the internet if their connection is inactive for 15 minutes. Disconnect user from the internet after 45 minutes regardless of their activity. Limit users' downloads and uploads to 7000 and 2400 Kbit/s, respectively. Force to pass through your portal prior to authentication. (1/2)

Complete this lab as follows: Sign into the pfSense management console. In the Username field, enter admin. In the Password field, enter P@ssw0rd (zero). Select SIGN IN or press Enter. Add a captive portal zone. From the pfSense menu bar, select Services > Captive Portal. Select Add. For Zone name, enter WiFi-Guest. For Zone description, enter Guest wireless access zone. Select Save & Continue. Enable and configure the captive portal. Under Captive Portal Configuration, select Enable. For Interfaces, select GuestWi-Fi. For Maximum concurrent connections, select 50. For Idle timeout, enter 15. For Hard timeout, enter 45. Scroll down and select Per-user bandwidth restriction. For Default download (Kbit/s), enter 7000. For Default upload (Kbit/s), enter 2400. Under Authentication, use the drop-down menu to select None, don't authenticate users. Scroll to the bottom and select Save. Allow a MAC address to pass through the portal. From the Captive Portal page, select the Edit Zone icon (pencil). Under the Services breadcrumb, select MACs. Select Add. Make sure the Action field is set to Pass. For Mac Address, enter 00:00:1C:11:22:33. Select Save. Allow an IP address to pass through the portal. Under the Services breadcrumb, select Allowed IP Addresses. Select Add. For IP Address, enter 198.28.1.100. Use the IP address drop-down menu to select 16. This sets the subnet mask to 255.255.0.0. For the Description field, enter Security analyst's laptop. Make sure Direction is set to Both. Select Save.

You are the security analyst for a small corporate network. You are concerned about unauthorized activity in your DMZ. You have decided to set up a honeypot to study hacking attempts. In this lab, your task is to: Create a honeypot on the computer named www_stage using Pentbox. Using Google Chrome, test the honeypot on the computer named Marketing3 using the www_stage.corpnet.xyz URL. Using the www_stage system, review the effects of the intrusion. Answer the questions.

Complete this lab as follows: Use Pentbox to create a honeypot on www_stage.From the Favorites bar, select Terminal.At the prompt, type cd pentbox-1.8 and press Enter to change to the pentbox directory.Type ./pentbox.rb and press Enter to start Pentbox.Type 2 and press Enter to select Network Tools.Type 3 and press Enter to select Honeypot.Type 1 and press Enter to select Fast Auto Configuration. From the Analyst-Lap computer, test the honeypot using Google Chrome.From the top navigation tabs, select Buildings.Under Building A, select Floor 2.Under Marketing Group B, select Marketing3.From the taskbar, select Google Chrome.In the URL field, enter www_stage.corpnet.xyz and press Enter.In the top right, select Answer Questions.Answer Question 1.Minimize the Lab Questions dialog. Review the effects of the intrusion on www_stage.From the top navigation tabs, select Building A.Under Building A, select Basement.Under Basement, select www_stage.Notice the INTRUSION ATTEMPT DETECTED message at the bottom of the Pentbox window. Answer the questions.In the top right, select Answer Questions.Answer Question 2.Select Score Lab.

You are the security analyst for a growing corporate network. You manage the certification authority for your network. As part of your daily routine, you perform several certificate management tasks. CorpCA, the certification authority, is a guest server on CorpServer2. Your network uses smart cards to control access to sensitive computers. Currently, the approval process dictates that you manually approve smart card certificate requests. In this lab, your task is to complete the following: (1/2)

Complete this lab. From CorpCA, access Certification Authority. From Hyper-V Manager, select CORPSERVER2. Maximize the window for easier viewing. From the Virtual Machines pane, double-click CorpCA. From Server Manager's menu bar, select Tools > Certification Authority. Maximize the window for easier viewing. From the left pane, expand CorpCA-CA. Approve the pending smart card certificate request for mlopez. Select Pending Requests. From the right pane, right-click on the line containing the mlopez request and select All Tasks > Issue to approve the certificate. Deny the pending smart card certificate request for CorpSrv16. Right-click on the line containing CorpSrv16.CorpNet.com and select All Tasks > Deny. Select Yes. Revoke bnguyen's and tsutton's certificates. From the left pane, select Issued Certificates. From the right pane, right-click bnguyen.CorpNet.com and select All Tasks > Revoke Certificate. Using the Reason code drop-down, select Key Compromise. Select Yes. Right-click tsutton and select All Tasks > Revoke Certificate. Using the Reason code drop-down, select Change of Affiliation. Select Yes. Unrevoke the CorpDev2 certificate. From the left pane, select Revoked Certificates. From the right pane, right-click CorpDev2.CorpNet.com and select All Tasks > Unrevoke Certificate.