Chapter 10 labs
10.4.12 Implement Data Execution Prevention
Complete this lab as follows:
1. Access the Advanced system settings (System Properties).
   a. Right-click Start and then select System.
   b. From the left pane, select About.
   c. From the right pane, under Related settings, select System info.
   d. Select Advanced system settings to open the System Properties dialog.
2. Configure Data Execution Prevention.
   a. From the Advanced tab, under Performance, select Settings.
   b. Select the Data Execution Prevention tab.
   c. Select Turn on DEP for all programs and services except those I select.
   d. Select Add.
   e. Open the C:\Program Files (x86)\AccountWizard folder.
   f. Select AccountWizard.exe.
   g. Select Open.
   h. Make sure AccountWizard.exe is selected and then select OK.
   i. Select OK to confirm that a system restart is needed.
   j. Select OK to close System Properties.
   k. Select Restart Now to restart the computer and activate DEP.
10.4.10 Implement Application Whitelisting with AppLocker
Complete this lab as follows:
1. Access the CorpNet.local domain under Group Policy Management.
   a. From Server Manager's menu bar, select Tools > Group Policy Management.
   b. Maximize the window for better viewing.
   c. Expand Forest: CorpNet.local > Domains > CorpNet.local.
2. Access the AppLocker policy.
   a. Right-click Default Domain Policy and select Edit.
   b. Maximize the window for better viewing.
   c. Under Computer Configuration, expand and select: Policies > Windows Settings > Security Settings > Application Control Policies > AppLocker.
3. Configure rule enforcement.
   a. From the right pane, select Configure rule enforcement.
   b. Under Executable rules, select Configured.
   c. Make sure Enforce rules is selected in the drop-down list.
   d. Select OK.
4. Configure a Publisher rule and allow the Support group to run the call center software.
   a. From the left pane, expand AppLocker.
   b. Right-click Executable Rules and then select Create New Rule.
   c. Select Next.
   d. Make sure Allow is selected.
   e. For User or group, click Select.
   f. In the Enter the object names to select box, type Support and then select OK.
   g. Select Next.
   h. Make sure Publisher is selected; then select Next.
   i. For the Reference file, select Browse.
   j. Browse to and select the C:\CallCenter\CallStart.exe file.
   k. Select Open.
   l. Slide the pointer from File version to Publisher and then select Next.
   m. Select Next.
   n. Accept the default name and select Create.
   o. Select Yes to create the default rules.
   p. Notice that the Publisher rule was created.
10.3.10 Clear the Browser Cache
Complete this lab as follows:
1. Delete all items from your Google Chrome history.
   a. From the Windows taskbar, select Google Chrome.
   b. In the upper right, select the ellipsis (three dots) and then select History > History.
   c. Maximize the window for easier viewing.
   d. Select Clear browsing data.
   e. Select Advanced.
   f. For the Time range field, use the drop-down menu to select All time.
   g. Make sure the following items are checked:
      - Browsing history
      - Download history
      - Cookies and other site data
      - Cached images and files
      - Hosted app data
   h. Select Clear data.
10.3.15 Perform an SQL Injection Attack
Complete this lab as follows:
1. Look up Blake Jackson's account balance.
   a. From the taskbar, select Google Chrome.
   b. Maximize the window for easier viewing.
   c. In the URL field, type mysecureonlinebank.com and then press Enter.
   d. In the Enter your Account Number field, enter 90342.
   e. Select Lookup.
2. Answer Question 1.
   a. In the top right, select Answer Questions.
   b. Answer Question 1.
3. Perform a simple SQL attack.
   a. In the Enter your Account Number field, enter 0 OR 1=1 for the SQL injection.
   b. Select Lookup.
4. Answer Question 2 and then select Score Lab.
Q1: What is your account balance? $582.29
Q2: What is the account number of Nisha Dickson? 90003
10.1.5 Allow SSL Connections
Complete this lab as follows:
1. Open the IIS Manager to the CorpNet.xyz site.
   a. From the Server Manager's menu bar, select Tools > Internet Information Services (IIS) Manager.
   b. Expand CorpWeb(CorpNet.com\Administrator) > Sites.
   c. Select CorpNet.xyz.
2. Add a binding to the CorpNet website.
   a. From the Actions pane (far right), select Bindings.
   b. Select Add.
   c. Using the Type drop-down menu, select HTTPS.
   d. Make sure the port is set to 443.
   e. Using the SSL certificate drop-down menu, select www.CorpNet.xyz and then select OK.
   f. Select Close.