Lab 10 Assessment Worksheet

Submitted By mozurjus

1. Why is it important to run the MBSA?
It is important to run it to check for current settings that are insecure.

2. What does an MBSA analysis look for?
The analysis looks for any available security updates that can be downloaded.

3. How can MBSA be executed?
Via its GUI in the program panel, or by using the command-line tool.

4. Does the system that is being scanned need to have access to the internet for the scan to be successful?
Yes, it does need to have access to the internet for the scan to be successful.

5. In what formats can the scan results be viewed?
If you are running the tool from the GUI, you can view them there right after the scans. If you run it from the command line, you can view them in the text file.

6. Could you scan one computer at a time or could you perform multiple scans at a time?
Only one computer can be scanned at a time.

7. What portion of the scan takes longer? Is it necessary to perform this scan every time?
Full scan. No, but you should run a full scan periodically.

8. Are the scans saved locally, and if so where?
Yes, in the C:\users\username\SecurityScans folder.

9. Could you exclude patches to be scanned for?
No.

10. Which are some of the major recommendations that you would provide to secure any Windows system?
Harden the operating system FIRST; install only the necessary services; use server roles when possible; use SCW to apply the least privilege principle to applications; remove or disable unneeded services, user accounts and extra application components; only open the minimum required ports at the firewall; define unique user accounts; use strong authentication; use encrypted connections for all communications; encrypt files, folders and volumes that contain private data; develop and maintain a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP); disable any server…...
