Kaplan It541 all assignments

Kaplan It541

Lab #1 Implementing Access Controls with Windows Active Directory

Assignment Grading Rubric

Course: IT541 Unit: 1 Points: 50

Assignment 1

Outcomes addressed in this activity:

Unit Outcomes:

• Distinguish between the two main categories of security controls.
• Distinguish the security areas within the CIA triad.

Course Outcomes:

IT541-2: Compare authentication and encryption methods.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the protocols and see how they operate in real-world environments. Read and perform the lab entitled "IT 541 Unit 1 Assignment Lab" found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment

Use the Lab #1 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word® document, entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit1.doc). Submit your file by selecting the Unit 1: Assignment Dropbox by the end of Unit 1.

Assignment Requirements

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit 1 Assignment Grading Rubric = 50 points

Assignment Requirements	Points Possible	Points Earned
Document demonstrates that the student was able to correctly implement an Active Directory system administrative configuration for groups and users.	0–10
Document demonstrates that the student was able to correctly implement global domain departmental groups and user accounts.	0–10
Document demonstrates that the student was able to correctly implement departmental group and user folders with unique access rights per defined requirements.	0–10
Document demonstrates that the student was able to correctly access the server as a user and test errors encountered when attempting to create and save data files.	0–10
Document demonstrates that the student was able to correctly implement a list of new and modified access control parameters in order to create more stringent access controls.	0–10
Total (Sum of all points)	0–50
Points deducted for spelling, grammar, and APA errors
Adjusted total points

Lab #1 – Assessment Worksheet

Implementing Access Controls with Windows Active Directory

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, youused theActive Directory Domain Controller tosecure the C-I-A triad,ensuring confidentiality and integrity of network data. You created users and global security groups and assigned the new users to security groups. You followed a given set of access control criteria to ensure authentication on the remote server by applying the new security groups to a set of nested folders. Finally, you verified that authentication by using the new user accounts to access the secured folders on the remote server.

Lab Assessment Questions & Answers

1. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve C-I-A for departmental LANs, departmental folders, and data.

2. Is it a good practice to include the account or user name in the password? Why or why not?

3. What are some of the best practices to enhance the strength of user passwords in order to maximize confidentiality?

4. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain?

5. Does Windows Server 2012 R2 require a user’s logon/password credentials prior to accessing shared drives?

6. When granting access to network systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend implementing to maximize CIA of production systems and data?

7. In the Access Controls Criteria table, what sharing changes were made to the MGRfiles folder on TargetWindows01-DC server?

8. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01-DC server to allow Shopfloor users to read/write files in the C:LabDocumentsSFfiles folder?

9. In the Access Controls Criteria table, what sharing changes were made on the TargetWindows01-DC server to allow HumanResources users to read/write files in the C:LabDocumentsHRfiles folder?

10. Explain how C-I-A can be achieved down to the folder and data file access level for departments and users using Active Directory and Windows Server 2012 R2 access control configurations. Configuring unique access controls for different user types is an example of which kind of access controls?

Lab #1 Crafting an Organization-Wide Security Management Policy for Acceptable Use

Introduction

When given access to resources, whether IT equipment or some other type of asset, most people will use the resources responsibly. However, a few people, when left to rely on only common courtesy or good judgment, will misuse or abuse those resources. The misuse might be for their own benefit or just for entertainment. While the misuse can be unintentional, it is still a waste of resources. To avoid that waste or outright abuse, a company will document official guidance. For resources within the IT domains, that guidance is called an acceptable use policy (AUP).

An AUP’s purpose is to establish the rules for a specific system, network, or Web site. These policies outline the rules for achieving compliance, for example. They also help an organization mitigate risks and threats because they establish what can and cannot take place.

In this lab, you will define an AUP as it relates to the User Domain, you will identify the key elements of sample AUPs, you will learn how to mitigate threats and risks with an AUP, and you will create your own AUP for an organization.

Learning Objectives

Upon completing this lab, you will be able to:

Define the scope of an acceptable use policy (AUP) as it relates to the User Domain.

Identify the key elements of acceptable use in an organization’s overall security management framework.

Align an AUP with the organization’s goals for compliance.

Mitigate the common risks and threats caused by users in the User Domain with the implementation of an AUP.

Draft an AUP in accordance with the policy framework definition that incorporates a policy statement, standards, procedures, and guidelines.

Deliverables

Upon completion of this lab, you are required to provide the following deliverables to your instructor:

1. Lab Report file;

2. Lab Assessments file.

Hands-On Steps

uNote: This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files.

1. On your local computer,createthelab deliverable files.

2. Review theLab Assessment Worksheet. You will find answers to these questions as you proceed through the lab steps.

3. Using Figure 1,review the seven domains of a typical IT infrastructure.

Figure 1 Seven domains of a typical IT infrastructure

4. On your local computer,opena newInternet browser window.

5. In the address box of your Internet browser,type the URLhttp://cve.mitre.org andpress Enter to open the Web site.

uNote: CVE stands for Common Vulnerabilities and Exposures, which is a reference system originated by the MITRE Corporation for cataloging known information security vulnerabilities. While MITRE is a U.S. not-for-profit organization, the U.S. Department of Homeland Security provides a portion of the funding to support the CVE database.

6. On the Web site’s left side,click theSearch CVE link.

7. In the box on the right titled CVE List Master Copy,click View CVE List.

8. In the Search Master Copy of CVE box at the bottom of the page,type User Domain into theBy Keyword(s) area andclick Submit.

9. Search the resulting list of articles for entries related to the User Domain.

10. In your Lab Report file,identify the risks, threats, and vulnerabilities commonly found in the User Domain. (Name at leastthree risks/threats.)

uNote: Your search for relevant risks will be difficult due to the high number of vulnerabilities related to Windows® Active Directory® domains, as opposed to the “User Domain” as one of the seven IT asset domains. Try additional words that describe user-particular risks or threats, for example, surfing, phishing, malicious, downloads, etc. Consider listed vulnerabilities, such as those that allow an authenticated user to gain unauthorized privileges, or steal others’ passwords or files.

11. In the address box of your Internet browser,type the URLhttp://www.sans.org/reading_room/whitepapers/threats/andpress Enter to open the Web site.

12. Scroll through the list of articles to find articles on threats and vulnerabilities in the User Domain.

13. Choose two articles that discuss two of the risks or threats you listed in step 10.

14. In your Lab Report file,discuss how these articles explain how to mitigate risks or threats in the User Domain.

15. In the address box of your Internet browser,type the following URLs andpress Enter to open the Web sites:

· Health care:http://it.jhu.edu/policies/itpolicies.html

· Higher education:http://www.brown.edu/information-technology/computing-policies/acceptable-use-policy

· U.S. federal government:https://www.jointservicessupport.org/AUP.aspx

16. In your Lab Report file,list the main components of each of the acceptable use policies (AUPs) documented at each of these sites.

17. In your Lab Report file,explain how a risk can be mitigated in the User Domain with an acceptable use policy (AUP). Base your answer on what you discovered in the previous step.

18. Consider the following fictional organization, which needs an acceptable use policy (AUP):

· The organization is a regional XYZ Credit Union/Bank that has multiple branches and locations throughout the region.

· Online banking and use of the Internet are the bank’s strengths, given its limited human resources.

· The customer service department is the organization’s most critical business function.

· The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.

· The organization wants to monitor and control use of the Internet by implementing content filtering.

· The organization wants to eliminate personal use of organization-owned IT assets and systems.

· The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.

· The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training.

uNote: The best style for writing IT policy is straightforward and easy to understand. Avoid “fluff,” or unnecessary wording, and phrasing that could be understood more than one way. Write in concise, direct language.

19. Using the following AUP template, in your Lab Report file,create an acceptable use policy for the XYZ Credit Union/Bank organization (this should not be longer than three pages):

XYZ Credit Union/Bank

Policy Name

Policy Statement

{Insert policy verbiage here.}

Purpose/Objectives

{Insert the policy’s purpose as well as its objectives; include a bulleted list of the policy definition.}

Scope

{Define this policy’s scope and whom it covers.

Which of the seven domains of a typical IT infrastructure are impacted?

What elements, IT assets, or organization-owned assets are within this policy’s scope?}

Standards

{Does this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards.}

Procedures

{In this section, explain how you intend to implement this policy throughout this organization.}

Guidelines

{In this section, explain any roadblocks or implementation issues that you must overcome and how you will overcome them per the defined policy guidelines.}

uNote: This completes the lab. Close the Web browser, if you have not already done so.

Assignment Grading Rubric

Course: IT541 Unit: 2 Points: 100

Assignment 2

Outcomes addressed in this activity:

Unit Outcomes:

• Assess access control models.
• Analyze denial of service response.
• Prepare worm countermeasures.
• Assess denial of service attacks.

Course Outcomes:

IT541-2: Compare authentication and encryption methods.

IT541-4: Apply basic information security Best Practices to business scenarios.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the protocols and see how they operate in real-world environments. Read and perform the lab entitled “IT541 Assignment 2 Lab"found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment:

Use the Lab #2 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word document entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit2.doc). Submit your file by selecting the Unit 2: Assignment Dropbox by the end of Unit 2.

Assignment Requirements:

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit 2 Assignment Grading Rubric = 100 points

Assignment Requirements	Points Possible	Points Earned
Document demonstrates that the student was able to correctly define the scope of an acceptable use policy.	0–20
Document demonstrates that the student was able to correctly identify key elements of acceptable use within an organization as part of an overall security management framework.	0–20
Document demonstrates that the student was able to correctly align an acceptable use policy with the organization's goals for compliance.	0–20
Document demonstrates that the student was able to mitigate common risks and threats caused by users within the User Domain with the implementation of an acceptable use policy.	0–20
Document demonstrates that the student was able to correctly create an acceptable use policy in accordance with the policy framework, incorporating a policy statement, standards, procedures, and guidelines.	0–20
Total (Sum of all points)	0–100
Points deducted for spelling, grammar, and APA errors
Adjusted total points

Lab #1 - Assessment Worksheet

Crafting an Organization-Wide Security Management Policy for Acceptable Use

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you defined an AUP as it relates to the User Domain, you identified the key elements of sample AUPs, you learned how to mitigate threats and risks with an AUP, and you created your own AUP for an organization.

Lab Assessment Questions & Answers

1. What are three risks and threats of the User Domain?

2. Why do organizations have acceptable use policies (AUPs)?

3. Can Internet use and e-mail use policies be covered in an acceptable use policy?

4. Do compliance laws, such as the Health Insurance Portability and Accountability Act (HIPAA) or GLBA, play a role in AUP definition?

5. Why is an acceptable use policy not a fail-safe means of mitigating risks and threats within the User Domain?

6. Will the AUP apply to all levels of the organization? Why or why not?

7. When should an AUP be implemented and how?

8. Why would an organization want to align its policies with existing compliance requirements?

9. In which domain of the seven domains of a typical IT infrastructure would an acceptable use policy (AUP) reside? How does an AUP help mitigate the risks commonly found with employees and authorized users of an organization’s IT infrastructure?

10. Why must an organization have an acceptable use policy (AUP) even for nonemployees, such as contractors, consultants, and other third parties?

11. What security controls can be deployed to monitor and mitigate users from accessing external Web sites that are potentially in violation of an AUP?

12. What security controls can be deployed to monitor and mitigate users from accessing external webmail systems and services (for example, Hotmail®, Gmail™, Yahoo!®, etc.)?

13. Should an organization terminate the employment of an employee if he/she violates an AUP?

Question

Offered Price

$30.00

kaplan IT541 unit 3 assignment

Question # 00073537
Subject: General Questions / General General Questions
Due on: 05/30/2015
Posted On: 05/30/2015 05:48 AM

Posted By:

databank

Questions:

15687

Tutorials:

13862

Spent

$0.00

Earned

$5,419.71

Feedback Score:

91% (209 ratings)

Send Message

Report this Question as Inappropriate

Question

Assignment Grading Rubric

Course: IT541 Unit: 3 Points: 50

Assignment 3

Outcomes addressed in this activity:

Unit Outcomes:

• Recommend the design of an intrusion prevention system in a DMZ.
• Analyze efficiency of a range of anti-virus / anti-malware applications.

Course Outcomes:

IT 541-1: Analyze computer anti-virus techniques.

IT541-3: Evaluate Internet threat protection methods.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the protocols and see how they operate in real-world environments. Read and perform the lab entitled "IT 541 Assignment 3 Lab" found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment:

Use the Lab #3 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word document entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit3.doc). Submit your file by selecting the Unit 3: Assignment Dropbox by the end of Unit 3.

Assignment Requirements:

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit 3 Assignment Grading Rubric = 50 points

Assignment Requirements	Points Possible	Points Earned
Document demonstrates that the student was able to correctly identify malware and malicious software residing on a workstation.	0–10
Document demonstrates that the student was able to correctly remove malware and malicious software from the infected workstation.	0–10
Document demonstrates that the student was able to correctly verify that the client workstation was free of malware installations.	0–10
Document demonstrates that the student was able to correctly implement best practices in malware removal and verification.	0–10
Document demonstrates that the student was able to correctly identify the appropriate tools and techniques in identifying and removing malware.	0–10
Total (Sum of all points)	0–50
Points deducted for spelling, grammar, and APA errors
Adjusted total points

Lab #4 – Assessment Worksheet

Identifying and Removing Malware from Windows Systems

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you used AVG Business Edition, an antivirus and anti-malware software tool, to identify malware and malicious software from an infected Windows 2012 workstation. You researched remediations for the malware identified by the scan, and took actions to remove those programs. You also used Windows Defender to perform the same actions on a Windows 2008workstation.

Lab Assessment Questions & Answers

1. What is the one thing that a virus, a worm, spyware, and malicious code have in common? What are the differences among these three threats: a virus, a worm, and spyware?

2. How often should you update your antivirus protection?

3. Why is it a best practice to have and to carry an antivirus boot-up disk or CD?

4. In a corporate environment, should new antivirus definitions be installed as soon as they are available?

5. Is the manual quick scan good enough protection for a system?

6. What best practices for the workstation domain that can mitigate the risks and threats caused by malicious code?

7. If you have an up-to-date antivirus program, do you still need a malware detection program like Windows Defender?

8. What are some of the most common symptoms of malware?

9. What risk or threat do malware applications, such as spyware, pose to the workstation domain?

Assignment Grading Rubric

Course: IT541 Unit: 4 Points: 50

Assignment 4

Outcomes addressed in this activity:

Unit Outcomes:

• Judge physical security risks and policy.
• Develop a response to a physical security incident.
• Assess anti-virus software to control risk.

Course Outcomes:

IT541-4: Apply basic information security Best Practices to business scenarios.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the procedures and see how they operate in real-world environments. Read and perform the lab entitled “IT 541 Assignment 4 Lab" found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment:

Use the Lab #4 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word document, entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit4.doc). Submit your file by selecting the Unit 4: Assignment Dropbox by the end of Unit 4.

Assignment Requirements:

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit 4 Assignment Grading Rubric = 100 points

Assignment Requirements	Points Possible	Points Earned
Document demonstrates that the student was able to correctly define appropriate access controls for students, faculty, and administrators in accordance with a defined access control policy.	0–20
Document demonstrates that the student was able to correctly identify best practices for assigning appropriate security properties to a variety of user groups.	0–20
Document demonstrates that the student was able to correctly identify best practices regarding file and folder sharing to mitigate risk within the user domain.	0–20
Document demonstrates that the student was able to correctly apply best practices within acceptable user policies to mitigate risk within the user domain.	0–20
Document demonstrates that the student was able to implement best practices for minimizing user exposure to sensitive data, including sanitization of data where necessary.	0–20
Total (Sum of all points)	0–100
Points deducted for spelling, grammar, and APA errors
Adjusted total points

Lab #3 – Assessment Worksheet

Configure Windows File System Permissions

Course Name and Number:

________________________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ________________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you reviewed the scenario requiring you to design a Windows folder structure, and you implemented your design. Next, you used the Microsoft Active Directory Users and Computers utility to create security groups that suited the requirements in the scenario. Finally, you applied those security groups to the folder structure you designed.

Lab Assessment Questions & Answers

1. When you designed a file system in the first section of this lab, why did you choose the structure that you selected?

2. As you look back on the file structure that you created, what changes would you want to make if you were to use it for a real college environment?

3. In this lab, you assigned members of the Faculty group Full Control of the Assignments folder. What risk does this pose?

4. What could you do to correct the situation described in question 3?

5. What Windows file security attribute allows a user to move through a folder to access files and folders underneath it?

6. What Windows file security attribute allows a user to view the contents of a file?

Assignment Grading Rubric

Course: IT541 Unit: 5 Points: 100

Assignment 5

Outcomes addressed in this activity:

Unit Outcomes:

• Evaluate best practices in privacy.
• Critique root process security.
• Discuss attacks against a Web security protocol.

Course Outcomes:

IT541-5: Explain the return on investment of various security implementations.

Assignment Instructions

This Assignment provides a "hands on" element to your studies. It gives you the opportunity to work with the procedures and see how they operate in real-world environments. Read and perform the lab entitled “IT 541 Assignment 5 Lab" found in Doc Sharing; use the lab sheet included at the end of the lab file to submit your results.

Directions for Submitting Your Assignment:

Use the Lab #5 Worksheet document found at the back of the lab instructions as a guide for what to submit, and save it as a Word document entitled Username-IT541 Assignment-Unit#.doc (Example: TAllen- IT541 Assignment-Unit5.doc). Submit your file by selecting the Unit 5: Assignment Dropbox by the end of Unit 5.

Assignment Requirements:

• Answers contain sufficient information to adequately answer the questions
• No spelling errors
• No grammar errors

*Two points will be deducted from your grade for each occurrence of not meeting these requirements.

For more information and examples of APA formatting, see the resources in Doc Sharing or visit the KU Writing Center from the KU Homepage.

Also review the KU Policy on Plagiarism. This policy will be strictly enforced on all applicable assignments and discussion posts. If you have any questions, please contact your professor.

Review the grading rubric below before beginning this activity.

Unit5AssignmentGradingRubric=100points

Assignment Requirements	Points Possible	PointsEarned
Document demonstratesthat the student wasable tocorrectlyinstall DFS on a Windows server.	0–20
Document demonstratesthat the student wasable toconfigure DFS to replicate data from a Windows Server 2012.	0–20
Document demonstratesthat the student wasable tocorrectlyinstall Windows Server Backup from the command line.	0–20
Document demonstratesthat the student wasable tocorrectlyschedule a backup using Windows Server Backup on a Windows Server 2012.	0–20
Document demonstratesthat the student wasable toverify DFS replication on the Windows Server 2012.	0–20
Total(Sumof all points)	0–100
Pointsdeductedforspelling, grammar, andAPAerrors
Adjusted totalpoints

Lab #6 – Assessment Worksheet

Creating a Scheduled Backup and Replicating System Folders

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you installed the Windows Distributed File System and Windows Server Backup features from the PowerShell command line. You scheduled a daily backup of the C:ERPdocuments folder on the TargetWindows01 server and replicated this backup to the TargetWindows02 server using the DFS Replication feature.

Lab Assessment Questions & Answers

1. What is the difference between roles and features in Windows Server 2008?

2. What is installed when you choose theRSAT-DFS-MGMT-Con feature?

3. How often should servers be backed up?

4. What are the different types of data backup that are performed?

5. What is the command to create a share?

6. What is a differential backup?