Issc342 Lab4

Submitted By roselynp
Lab #4
Operating Systems: Hardening and Security
March 1st, 2015

Lab Assessment Questions & Answers

1. What is the one thing that a virus, a worm, spyware, and malicious code have in common? What are the differences among these three threats: a virus, a worm, and spyware?
A virus, a worm, and spyware all have in common that they replicate themselves into the network’s system. Some of the differences among the three are that worms can edit files, viruses need a host file to propagate themselves, and spyware can steal very sensitive information within the network.

2. How often should you update your antivirus protection?
You should update your antivirus protection daily to always keep your network secured.

3. Why is it a best practice to have and to carry an antivirus boot-up disk or CD?
It is best practice to use an antivirus boot-up disk or CD because it can bypass any files that are meant to protect the malware from being detected during scans.

4. In a corporate environment, should new antivirus definitions be installed as soon as they are available?
Yes, in a corporate environment, antivirus programs should be installed right away to protect the company’s files.

5. Is the manual quick scan good enough protection for a system?
No, a manual quick scan is not good enough protection for a system; the files also have to be deleted.

6. What are best practices for the workstation domain that can mitigate the risks and threats caused by malicious code?
Some good practices that can help mitigate risks are to perform checks, perform audits in your network, and make sure that the virus protection is covering all areas.

7. If you have an up-to-date antivirus program, do you still need a malware detection program like Windows Defender?
Yes, even if you have an up-to-date antivirus program, you still need a malware detection program because…...
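
One way to check the points from questions 2, 4 and 5 on a Windows workstation, as an added example that is not part of the original lab submission. The function name `Test-AvHealth`, the 30-day full-scan threshold and the sample status object are assumptions made for illustration; the property names are those returned by the Windows Defender cmdlet `Get-MpComputerStatus`.

```powershell
# Added example: audit antivirus state against the lab's answers
# (daily definition updates, quick scan alone is not enough).
function Test-AvHealth {
    param(
        [Parameter(Mandatory)] $Status,    # output of Get-MpComputerStatus, or a sample object
        [int] $MaxSignatureAgeDays = 1,    # "update daily" (question 2)
        [int] $MaxQuickScanAgeDays = 1,    # assumption: daily quick scan
        [int] $MaxFullScanAgeDays  = 30    # assumption: site policy, not stated on the page
    )

    $findings = @()

    if (-not $Status.AntivirusEnabled) {
        $findings += 'Antivirus engine is disabled.'
    }
    if (-not $Status.RealTimeProtectionEnabled) {
        $findings += 'Real-time protection is disabled.'
    }
    if ($Status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "Definitions are $($Status.AntivirusSignatureAge) day(s) old; limit is $MaxSignatureAgeDays."
    }
    if ($Status.QuickScanAge -gt $MaxQuickScanAgeDays) {
        $findings += "Last quick scan was $($Status.QuickScanAge) day(s) ago; limit is $MaxQuickScanAgeDays."
    }
    # A recent quick scan does not satisfy this check: the full scan is tracked separately.
    if ($Status.FullScanAge -gt $MaxFullScanAgeDays) {
        $findings += "Last full scan was $($Status.FullScanAge) day(s) ago; limit is $MaxFullScanAgeDays."
    }

    [pscustomobject]@{
        Healthy  = ($findings.Count -eq 0)
        Findings = $findings
    }
}

# Constructed sample: definitions three days old, quick scan run today,
# full scan 45 days ago. Values are invented for the example.
$sample = [pscustomobject]@{
    AntivirusEnabled          = $true
    RealTimeProtectionEnabled = $true
    AntivirusSignatureAge     = 3
    QuickScanAge              = 0
    FullScanAge               = 45
}

$result = Test-AvHealth -Status $sample
$result.Findings

# On a live workstation with Windows Defender:
# Test-AvHealth -Status (Get-MpComputerStatus)
```

With the sample object the result reports two findings, stale definitions and an overdue full scan, even though the quick scan is current.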
