Security pro ch 6/7 labs
You work as the IT administrator for a growing corporate network. The Research and Development Department is working on product enhancements. Last year, some secret product plans were compromised. As a result, the company decided to implement smart cards for logon to every computer in the Research and Development Department. No user should be able to log onto the workstation without using a smart card.
Access the CorpDC server.In Hyper-V Manager, select CORPSERVER.Double-click CorpDC. Enforce the existing Research-DevGPO.From Server Manager, select Tools > Group Policy Management.Maximize the window for better viewing.From the left pane, expand Forest: CorpNet.local > Domains > CorpNet.local > Group Policy Objects.From the left pane, select the Research-DevGPO.From the Scope tab under Links, right-click Research-Dev and then select Enforced. Edit Research-DevGPO polices.From the left pane, right-click Research-DevGPO and then select Edit.Maximize the window for better viewing.Under Computer Configuration, expand Policies > Windows Settings > Security Settings > Local Policies.Select Security Options.From the right pane, double-click the policy and select Properties.Select Define this policy setting.Select additional parameters to configure the policy setting.Select OK.Repeat steps 3e-3h to configure the additional policy setting.
You are the IT security administrator for a small corporate network that has a single Active Directory domain named CorpNet.local. You are working on increasing the authentication security of the domain. Maximum lifetime for service ticket180 minutesMaximum lifetime for user ticket3 hoursMaximum lifetime for user ticket renewal3 daysMaximum tolerance for computer clock synchronization1 minute
Access the CorpNet.local Default Domain Policy.From Server Manager, select Tools > Group Policy Management.Maximize the window for better viewing.Expand Forest: CorpNet.local > Domains > CorpNet.local. Edit the Default Domain Policy to configure the Kerberos policy for computer configurations.Right-click Default Domain Policy and then select Edit.Maximize the window for better viewing.Under Computer Configuration, expand Policies > Windows Settings > Security Settings > Account Policies.Select Kerberos Policy.From the right pane, double-click the policy you want to edit.Configure the policy setting and then select OK.Repeat steps 2e - 2f for each policy setting.
You are the IT security administrator for a small corporate network. You are working to increase the authentication security of the domain. You need to make sure that only authorized users have administrative rights to all local machines. Local users and groups can be controlled through a GPO linked to the domain.
Access the CorpNet.local domain under Group Policy Management.From Server Manager, select Tools > Group Policy Management.Maximize the windows for better viewing.Expand Forest: CorpNet.local > Domains > CorpNet.local. Create a policy to update the built-in Administrator local group.Right-click Default Domain Policy and select Edit.Maximize the windows for better viewing.Under Computer Configuration, expand Preferences > Control Panel Settings.Right-click Local Users and Groups and select New > Local Group.Using the Group name drop-down, select Administrators (built-in).Select Delete all member users to remove all member users.Select Delete all member groups to remove all member groups.Select Add.In the Name field, enter BUILTIN\Administrator and then select OK.Select Add.In the Name field, enter %DOMAINNAME%\Domain Admins and then select OK.Select OK to save the policy.
You are the IT security administrator for a small corporate network. You would like to use Group Policy to enforce settings for certain workstations on your network. You have prepared and tested a security template file that contains policies that meet your company's requirements. In this lab, your task is to perform the following on CorpDC:
Access the CorpNet.local domain.From Server Manager, select Tools > Group Policy Management.Expand Forest: CorpNet.local > Domains > CorpNet.local.Maximize the window for better viewing. Create the Workstation Settings GPO and link it to the CorpNet.local domain.Right-click the Group Policy Objects OU and select New.In the Name field, enter the Workstation Settings and then click OK. Link OUs to the Workstation Settings GPO.Right-click the OU and select Link an Existing GPO.Under Group Policy Objects, select Workstation Settings from the list and then click OK.Repeat step 3 to link the additional OUs. Import the ws_sec.inf security policy template.Expand Group Policy Objects.Right-click Workstation Settings and select Edit.Under Computer Configuration, expand Policies > Windows Settings.Right-click Security Settings and select Import Policy.Browse to the C:\Templates.Select ws_sec.inf and then click Open.
You work as the IT security administrator for a small corporate network. You are improving office computers' security by renaming and disabling default computer accounts. In this lab, your task is to perform the following on the Office1 computer:
Access the computer's Computer Management tool.Right-click Start and select Computer Management.Under System Tools, expand Local Users and Groups.Select Users. Rename the Administrator account.From the center pane, right-click Administrator and select Rename.Enter Yoda and press Enter. Disable the Guest account.Right-click Guest and select Properties.Select Account is disabled and click OK. Remove Password never expires option if it is selected.Right-click a user and select Properties.Deselect Password never expires (if selected) and then select OK.Repeat step 4 for each user. Delete any unused accounts.Right-click the user that has User must change password at next logon selected and select Delete.Click Yes to confirm deletion of the account.
Maggie Brown (mbrown) and Corey Flynn (cflynn) have recently been hired in the human resources department. You have already created their user accounts. In this lab, your task is to: Add the hr group as a secondary group for the mbrown and cflynn user accounts. When you're finished, view the /etc/group file or use the groups command to verify the changes.
Add users to the hr group.At the prompt, type usermod -G hr mbrown and press Enter.Use usermod -G hr cflynn and press Enter. Verify the group membership for the users added to each group.Use groups mbrown and press Enter.Use groups cflynn and press Enter.
You are the IT administrator for a growing corporate network. You manage the certification authority for your network. As part of your daily routine, you perform several certificate management tasks. CorpCA, the certification authority, is a guest server on CorpServer2. In this lab, your task is to complete the following:
Approve the pending certificate request for tsutton and mmallory.Select Pending Requests.From the right pane, scroll to the Requester Name column.Right-click tsutton and select All Tasks > Issue to approve the certificate.Right-click mmallory and select All Tasks > Issue. Deny the pending request for CorpSrv12.Right-click CorpSrv12.CorpNet.com and select All Tasks > Deny.Select Yes. Revoke bchan's certificates.From the left pane, select Issued Certificates.From the right pane, right-click bchan.CorpNet.com and select All Tasks > Revoke Certificate.Using the Reason code drop-down menu list, select Key Compromise.Select Yes. Unrevoke the CorpDev3 certificate.From the left pane, select Revoked Certificates.From the right pane, right-click CorpDev3.CorpNet.com and select All Tasks > Unrevoke Certificate.
Salman Chawla (schawla) forgot his password and needs access to the resources on his computer. You are logged on as wadams. The password for the root account is 1worm4b8. In this lab, your task is to: Change the password for the schawla user account to G20oly04 (0 is a zero). Make sure the password is encrypted in the shadow file.
Change Salman Chawla's password.At the prompt, type su -c "passwd schawla", then press Enter.Type 1worm4b8, then press Enter. This is the password for the root user.At the New password prompt, type G20oly04, then press Enter. This is the new password for the schawla user account.At the Retype new password prompt, type G20oly04, then press Enter.
You use a special user account called Administrator to log on to your computer. However, you think someone has learned your password. You are logged on as Administrator. In this lab, your task is to change your password to r8ting4str. The current Administrator account uses 7hevn9jan as the password.
Change your password.At the prompt, type passwd and press Enter.When prompted, enter 7hevn9jan and press Enter. This is the current password.At the New password prompt, enter r8ting4str and press Enter.Retype r8ting4str as the new password and press Enter.
The VP of marketing has told you that Paul Denunzio will join the company as a market analyst in two weeks. You need to create a new user account for him. Create the pdenunzio user account. Include the full name, Paul Denunzio, as a comment for the user account. Set eye8cereal as the password for the user account. When you're finished, view the /etc/passwd file to verify the creation of the account.
Create the Paul Denunzio account and comment.From the Linux prompt, type useradd -c "Paul Denunzio" pdenunzio and press Enter. Create a password for Paul.Type passwd pdenunzio and press Enter.Type eye8cereal as the password and press Enter.Retype eye8cereal as the password and press Enter. Verify that the account was created.Type cat /etc/passwd A=510
You are the IT Administrator for the CorpNet.local domain. You are in the process of implementing a group strategy for your network. You have decided to create global groups as shadow groups for specific departments in your organization. Each global group will contain all users in the corresponding department.
Create the groups.Right-click the OU where the new group is to be added and select New > Group.In the Group name field, enter the name of the group.Make sure the Global Group scope is selected.Make sure the Security Group type is selected.Click OK. Add users to groups.In the right pane, right-click the user account(s) and select Add to a group. (Use the Ctrl or Shift keys to select and add multiple user accounts to a group at one time.)In the Enter the object names to select field, enter the name of the group.Select Check Names and verify that the object name was found.Click OK to accept the groups added.Click OK to acknowledge the change.If a sub-OU with users exist, double-click on the sub-OU and then repeat step 3. Do this for each sub-group. Repeat steps 2 - 3 for additional groups and users.
Terry Haslam (thaslam) was dismissed from the organization. His colleagues have harvested the files they need from his home and other directories. Your company security policy states that upon dismissal, users accounts should be removed in their entirety.
Delete the Terry Haslam account and home directory.At the prompt, type userdel -r thaslam and press Enter. Verify the account's removal.Type cat /etc/passwd and press Enter.Type ls /home and press Enter to verify that the account was removed.
You are the IT administrator for a small corporate network. You have just installed Active Directory on a new Hyper-V guest server named CorpDC. Now you need to create an Active Directory organizational unit (OU) structure based on the company's departmental structure. In this lab, your task is to create the following organizational units (OUs) on the CorpDC server and ensure that each is protected from accidental deletion as follows:
From the Virtual Machines pane, double-click CorpDC. Create the Active Directory organizational units (OUs) beneath the CorpNet.local domain.From Server Manager's menu bar, select Tools > Active Directory Users and Computers.From the left pane, right-click CorpNet.local and then select New > Organizational Uni Enter the name of the OU to be created. Ensure that Protect container from accidental deletion is selected and then select OK. Repeat steps 2b - 2d until all the required domain OUs are created. Create the OUs within the Sales OU.From the left pane, select CorpNet.local > Sales.From the menu bar, select the Create a new organizational unit in the current container icon.Enter the name of the OU to be created.Ensure that Protect container from accidental deletion is selected and then select OK.Repeat steps 3a - 3d to create the remaining OU.
You are the IT administrator for a corporate network. You have just installed Active Directory on a new Hyper-V guest server named CorpDC. You have created an Active Directory structure based on the company's departmental structure. While creating the structure, you added a Workstations OU in each of the departmental OUs. After further thought, you decide to use one Workstations OU for the entire company. As a result, you need to delete the departmental Workstations OUs.
From the Virtual Machines pane, double-click CorpDC. Delete the applicable OUs.From Server Manager, select Tools > Active Directory Users and Computers.Select View > Advanced Features.This enables the Advanced feature, allowing you to disable the OU from accidental deletion.From the left pane, expand CorpNet.local > the_parent OU.Right-click the OU that needs to be deleted and then select Properties.Select the Object tab.Clear Protect object from accidental deletion and then select OK.Right-click the OU to be deleted and then click Delete.Click Yes to confirm the OU's deletion.Repeat steps 2c - 2h to delete the remaining OUs. From the Active Directory Users and Computers menu bar, select View > Advanced Features to turn off the Advanced Features view.
You work as the IT security administrator for a small corporate network. The employee in Office 1 is working on a very sensitive project. Management is concerned that if the hard drive in the computer were stolen, sensitive information could be compromised. As a result, you have been asked to encrypt the entire System volume. The Office1 computer has a built-in TPM on the motherboard.
From the left pane, expand and select Security > TPM Security. From the right pane, select TPM Security and then select Apply. Select Activate and then select Apply. Select Exit.Your computer will automatically reboot. Turn BitLocker on.From the search field on the Windows taskbar, type Control.From Best match, select Control Panel.Select System and Security.Select BitLocker Drive Encryption.Under Operating system drive, select Turn on BitLocker. Windows begins the Drive Encryption setup. Back up a BitLocker recovery key.Select Save to a file.In the left pane, expand and select Network > CorpServer > BU-Office1.Select Save.Select Next. Configure BitLocker encryption.Select Encrypt entire drive and then select Next.Make sure that New encryption mode is selected and then select Next.Select Run BitLocker system check and then select Continue.Select Restart now.
You are the IT administrator for the CorpNet domain. You have decided to use groups to simplify the administration of access control lists. Specifically, you want to create a group containing the department managers.
In the Users container, create a group named Managers. From the left pane, expand and select CorpNet.local > Users. Right-click the Users container and select New > Group In the Group name field, enter Managers.A pre-Windows 2000 group name is created automatically, but it can be changed. Under Group scope, make sure Global is selected. Under Group type, make sure Security is selected and select OK. Add user accounts to the Managers group.From the left pane, ensure that the Users container is still selected.From the right pane, right-click Managers and select Properties.Select the Members tab.Select Add.In the Enter the object names to select field, enter all the usernames. Use a semicolon to separate each name.Example: Steve Hoffer; Peter Williams; Princess DianaSelect Check Names.Select OK to add the users and close the dialog.
Listen to simulation instructions Every seven years, your company provides a six-week sabbatical for every employee. Vera Edwards (vedwards), Corey Flynn (cflynn), and Bhumika Kahn (bkahn) are leaving today. Maggie Brown (mbrown), Brenda Cassini (bcassini), and Arturo Espinoza (aespinoza) are just returning. The company security policy mandates that user accounts for employees gone for longer than two weeks be disabled.
Lock the applicable accounts.At the prompt, type usermod -L vedwards or passwd -l vedwards and press Enter.Type usermod -L cflynn or passwd -l cflynn and press Enter.Type usermod -L bkahn or passwd -l bkahn and press Enter. Unlock the applicable accounts.Type usermod -U mbrown or passwd -u mbrown and press Enter.Type usermod -U bcassini or passwd -u bcassini and press Enter.Type usermod -U aespinoza or passwd -u aespinoza and press Enter. Verify your changes by typing cat /etc/shadow and pressing Enter.The inclusion of the exclamation point (!) in the password field indicates whether the account is disabled.
Listen to simulation instructions You are the IT administrator for a small corporate network. The company has a single Active Directory domain named CorpNet.xyz. You need to increase the domain's authentication security. You need to make sure that User Account Control (UAC) settings are consistent throughout the domain and in accordance with industry recommendations.
On CorpDC, access the CorpNet.local domain for Group Policy Management.From Hyper-V Manager, select CORPSERVER.Double-click CorpDC.From Server Manager, select Tools > Group Policy Management.Maximize the window for easy viewing.Expand Forest: CorpNet.local > Domains > CorpNet.local. Configure the UAC settings.Right-click Default Domain Policy and select Edit.Maximize the window for easier viewing.Under Computer Configuration, expand and select Policies > Windows Settings > Security Settings > Local Policies > Security Options.From the right pane, double-click the policy you want to edit.Select Define this policy setting.Select Enable or Disable as necessary.Edit the value for the policy as needed and then click OK.Repeat steps 2d-2g for each policy setting.
Listen to simulation instructions At work, you share a computer with other users. You want to secure the contents of the Finances folder so that unauthorized users cannot view its contents.
Open the D: drive.From the Windows taskbar, select File Explorer.From the left pane, select This PC.From the right pane, double-click Data (D:). Encrypt the Finances folder.Right-click Finances and then select Properties.Select Advanced.Select Encrypt contents to secure data and then select OK.Select OK to close the properties dialog.Select OK to confirm the attribute changes. Give Susan authorization to modify the 2020report.xls file.Double-click Finances.Right-click 2020report.xls and then select Properties.Select Advanced.Select Details.Select Add.Select Susan and then select OK.Select OK as many times as needed to close all remaining dialogs.
Brenda Cassini (bcassini) was recently married. You need to update her Linux user account to reflect her new last name of Palmer. You are currently logged in as the root account, so you won't need to use the sudo command to get permissions to perform the required tasks.
Rename the bpalmer account and move her home directory.From the Favorites bar, select TerminalFrom the Terminal prompt, type usermod -l bpalmer bcassini -m -c "Brenda Palmer" -d /home/bpalmer and press Enter. Verify account modification.Type cat /etc/passwd and press Enter.Find the line that shows that Brenda's account has been changed.Type ls /home and press Enter to verify that the account was modified.
Currently, all the salespeople in your company belong to a group called sales. The VP of sales wants two sales groups, a western sales division and an eastern sales division. Rename the sales group to western_sales_division. Create the eastern_sales_division group. Remove aespinoza as a member of the western_sales_division group. Assign aespinoza as a member of the eastern_sales_division group. When you're finished, view the /etc/group file or use the groups command to verify the changes.
Rename the sales group western_sales_division and create the eastern_sales_division group.At the prompt, type groupmod -n western_sales_division sales and press Enter.Type groupadd eastern_sales_division and press Enter. Modify the group membership as needed.Type usermod -G eastern_sales_division aespinoza and press Enter Use cat /etc/group or groups aespinoza to verify aespinoza's group membership.
Listen to simulation instructions You have been asked to perform administrative tasks for a computer that is not a member of a domain. To increase security and prevent unauthorized access to the computer, you need to configure specific password and account lockout policies. In this lab, your task is to use the Local Security Policy to configure the following password and account lockout policies:
Using Windows Administrative Tools, access the Local Security Policy.Select Start.Locate and expand Windows Administrative Tools.Select Local Security Policy.Maximize the window for easier viewing. Configure the password policies.From the left pane, expand Account Policies and then select Password Policy.From the center pane, expand the Policy column.Double-click the policy to be configured.Configure the policy settings.Click OK.Repeat steps 2c-2e to configure the additional password policies. Configure the account lockout policies.From the left pane, select Account Lockout Policy.From the center pane, expand the Policy column.Double-click the policy to be configured.Configure the policy settings (if needed, answer any prompts shown).Click OK.Repeat steps 3c-3e to configure the additional lockout policies.
Corey Flynn (cflynn) currently belongs to several groups. Due to some recent restructuring, he no longer needs to be a member of the hr group. To preserve existing group membership, use the usermod -G command to list all groups to which the user must belong. Do not include the primary group name in the list of groups. In this lab, your task is to: Remove cflynn from the hr group. Preserve all other group memberships. View the /etc/group file or use the groups command to verify the changes.
View a list of all groups to which Cory Flynn belongs.At the prompt, type groups cflynn and press Enter.Notice that cflynn currently belongs to the mgmt1, hr, and it secondary groups. The cflynn group is the user's primary group. Change and verify Cory Flynn's group membership.Type usermod -G mgmt1,it cflynn and press Enter.Type groups cflynn and press Enter.Cory now only belongs to the mgmt1 and it groups.
In this lab, your task is to use MD5 hash files to confirm that the Release.zip file was unaltered. From Windows PowerShell: Generate a file hash for the Release.zip file. View the hash of the original file stored in the release821hash.txt file. Use the following command to compare the original hash of the Release.zip file to its calculated hash to see if they match:
View the files in the C:\Downloads folder.Right-click Start and select Windows PowerShell (Admin).At the prompt, type cd C:\downloads and press Enter to navigate to the directory that contains the files.Type dir and press Enter to view the available files. Confirm that the Release.zip file is unaltered.Type get-filehash Release.zip -a md5 and press Enter to view the MD5 hash.Type get-content release821hash.txt and press Enter to view the known hash contained in the .txt file.Type "new hash" -eq "known hash" and press Enter to determine whether the file hashes match
You are the IT administrator for a small corporate network. You recently added an Active Directory domain to the CorpDC server to manage network resources centrally. You now need to add user accounts in the domain. In this lab, your task is to create the following user accounts on CorpDC:
corp dc-tools-ad users and computers-corpnet.local<ou>new user>first name-last name-logon name-password asdf1234$-change password on logon-repeat>Right-click Borey Chan and select Properties. Select the Account tab. Select Logon hours. From the Logon Hours dialog, select Logon Denied to clear the allowed logon hours. Select the time range of 8:00 a.m. to 5:00 p.m., Monday through Friday. Select Logon Permitted to allow logon. Select OK. Under Account expires, select End of. In the End of field, use the drop-down calendar to select 31 December of the current year. Select OK.
You are the IT administrator for a small corporate network. You recently added an Active Directory domain on the CorpDC server to manage network resources centrally. Organizational units in the domain represent departments. User and computer accounts are in their respective departmental OUs. Over the past few days, several personnel changes have occurred that require changes to user accounts.
corpdc-tools-ad users and computers-corpnet.local-accounting-mary barnes reset password-asdf1234$-change password on logon-unlock user account-disable mark woods-enable pat-benton-rename andrea-select both tom and jaince and limit their logon to the Support computer