Lab 8 Discussion

In: Science

Submitted By pateldipa
Words 818
Pages 4
Experiment 8 Lab Report Analysis of Oxidizing Capacity of Bleach The goal of this lab is to perform a titration of a sample of bleach with thiosulfate, figuring the end point with a starch indicator. We will determine the percent mass of sodium hypochlorite in bleach by using the volume of sodium thiosulfate needed to reach the end point. This value represents the oxidizing capacity of the unknown bleach. At the end, we will create two redox reactions to determine the overall chemical reaction that occurs during this process. I think that my oxidizing capacity will be 5.0g. Most bleach contains salts with the hypochlorite ion, the oxidizing agent that removes stains and whitens them. The hypochlorite ion usually comes in the form of sodium hypochlorite, NaOCl, or calcium hypochlorite. The two oxidation reduction reactions that occur during this experiment are first the oxidation of iodide to iodine, I2(aq), by the hypochlorite ion and then making the aqueous iodine reduce back to iodide by titrating it with sodium thiosulfate. The overall stoichiometry of the reaction is one mole of hypochlorous acid, formed by placing the sodium hypochlorite into acidic solution, plus two moles of the thiosulfate ion plus hydrogen ions from the solution yielding one mole of chlorite anions, one mole of the tetrasulfur hexoxide anion and one mole of liquid water. We began the titration of aqueous iodine by adding .05M sodium thiosulfate until the brown colored solution began to turn a bright yellow. As the solution proceeded to turn yellow, we mixed thoroughly to ensure that all the iodine indeed dissolved in solution. After the solution became yellow, we added starch as an indicator and the solution turned a dark black color. We then added more thiosulfate, this time drop by drop, until the solution turned colorless meaning the end point had been reached. The dominant form…...

Similar Documents

Discussion 8

...Discussion 8 1. Is it fair that an actor or sport athlete makes more money than a doctor, a teacher, or a person serving in the military? Someones salary is usually based on the amount of education, knowledge, experience and amount of risk taken. For the most part I found most salary comparisons followed these guidelines. There was one comparison I could not understand. I think that a sport athletes salary and any other person who is willing to put their life at risk for the sake of others, should have comparilable salaries which in most cases is not what is happening. 2. Do you believe in the American Dream, that is, that by working hard, you and/or your children can be more economically successful than previous generations in your family? I believe that each person has their own interpretation of what their "American Dream" is. Unfortunately, I do believe that societies overall dream is to be more "economically successful than previous generations in your family." My hope for current and future generation "American Dreamers" is they broaden their meaning of their dream and simplify it at the same time, giving it a one word definition, Happiness. I chose this word because I believe it to be universal through all cultures. It encompasses all the little things each one of us breaks Happiness into. Besides, having practiced being happy while trying to turn every negative moment that happens throughout the day into a positive. It is without a doubt easier to contiue......

Words: 270 - Pages: 2

Lab 8

...addition, these database should enforce storage limits to prevent certain email recipients from using up all of the available space on your Mailbox role server before your databases are put into production. It is the most important role in your Exchange organization because it stores and manages access to the mailboxes and public folders used to store vital company information. 7. What have more than one database for your mailbox server? Because it optimizes database performance as well as provides for flexible recovery in the case of database corruption. If a single database becomes corrupted, then you can take the single database offline by dismounting it and then restore it from backup without affecting the other three databases. 8. What is the purpose of limiting hard drive space available for emails? The purpose is to prevent ambitious users from using up all of the available space on the Mailbox role servers. 9. Explain what occurs as a user reaches their email storage limit. The user will receive a warning email at 1:00 a.m. from Exchange indicating that he is approaching his limit and should remove any unnecessary emails. 10. What sort of security features can be provided by the Exchange Server 2007 when a user is accessing the server remotely? You can now restrict the user features that are available in OWA as well as the company file servers that OWA users are allowed to access. 11. Why do administrators disable the “change password” feature......

Words: 923 - Pages: 4

Lab #8 – Assessment Worksheet

...JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES LABORATORY MANUAL TO ACCOMPANY Fundamentals of Information Systems Security 1E REVISED 38351_FMxx.indd i 8/1/12 12:48 PM World Headquarters Jones & Bartlett Learning 5 Wall Street Burlington, MA 01803 978-443-5000 info@jblearning.com www.jblearning.com Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com. Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to specialsales@jblearning.com. Copyright © 2013 by Jones & Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner. The Laboratory Manual to accompany Fundamentals of Information Systems Security is an independent publication and has not been authorized, sponsored, or otherwise approved by the......

Words: 25750 - Pages: 103

Lab 8

...Laboratory #8 NAME ________________tom ferraiuolo________________________________ Lab #8: Perform a Website & Database Attack by Exploiting Identified Vulnerabilities Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: • Identify web application and web server backend database vulnerabilities as viable attack vectors • Develop an attack plan to compromise and exploit a web site using cross-site scripting (XSS) against sample vulnerable web applications • Conduct a manual Cross-site Scripting (XSS) attack against sample vulnerable web applications • Perform SQL injection attacks against sample vulnerable web applications with e-commerce data entry fields • Mitigate known web application and web server vulnerabilities with security countermeasures to eliminate risk from compromise and exploitation Required Setup and Tools 1. Target VMs as described by the lab: a. Instructor and Student VM workstations with desktop applications and tools. b. Ubuntu Linux 10.04 LTS Server (VM Name: “TargetUbuntu01”) o Computer Name: Ubuntu01 o ONE User available ONLY: administrator <case sensitive> o Password: ISS316Security (case sensitive) Apache running “Damn Vulnerable Web App” (DVWA) o URL: http://<serveripaddress>/dvwa o Username: admin o Password: password 2.Standard ITT onsite student workstation must have the following software applications loaded to perform this......

Words: 1573 - Pages: 7

Lab 8

...remediation is performed before it is allowed into the trusted network. For remote access clients, authorized and unauthorized network traffic will use separate security domains such as Virtual Local Area Networks (VLANs) (STIG Viewer, 2011). 7. What is a VPN? Distinguish between VPN server, VPN client, VPN router, and SSL VPNS. A virtual private network (VPN) is a dedicated tunnel from one endpoint to another. The VPN tunnel can be created between a remote workstation using the public Internet and a VPN router or a secure browser and Secure Sockets Layer (SSL)-VPN Web site (Kim & Solomon, 2012). VPN goes between a VPN client (computer) to a VPN server (network). SSL VPNs do not need to run a VPN client to connect to the network (Netgear, 2008). 8. What is the difference between a tunnel-mode VPN and a split-tunneling VPN? A tunnel-mode VPN encapsulates the entire Internet Protocol (IP) packet, adding a new header, and then the entire diagram is encrypted. The split-tunneling VPN only encrypts traffic that is destined for or originating from hosts on the network; all other IP traffic is sent outside of the VPN connection to hosts connected on the Internet unencrypted (Inform It, n.d.). 9. According to the Remote Access Policy STIG are personally owned devices considered acceptable to perform privileged (administrative) tasks on a DoD network? Personally owned devices are not considered acceptable to perform privileged tasks on a Department of Defense (DoD) network......

Words: 917 - Pages: 4

Lab # 8

... 6. What is the standard formula to rank potential threats? Decompose the application, determine and rank threats, and determine countermeasures and mitigation. 7. If an organization is identified as not using any password policies for any of its applications what would be two suggestions to note in the assessment? That the organization is a great risk without any password policies. 8. Should newly-released patches for a known vulnerability be applied to production system once released? Yes 9. What is the importance of having a security incident response plan in an organization? So that when there is a security incident all employees involved know the correct way to handle the incident. 10. What would an auditor be trying to verify if he/she is asking to view logs for certain dates? To view what was enter in on that day to match the reports. 11. How could the findings from the Skipfish and rats scanning performed in lab #7 be categorized and presented in an assessment report? In a summary of the findings. 12. Consider the analysis tool Skipfish used in lab #7 is to be included in a web assessment report. What pertinent information about the method of testing and tools used could be included in an assessment report? 13. Provide a remediation recommendation for a potential vulnerability found with the use of the “eval” function in a static analysis report. 14. Explain the process of remediation for a XSS scripting vulnerability found from...

Words: 473 - Pages: 2

Lab 8

...Jack Ferguson 12 May 14 Lab #8 In cryptography, encryption is the process of encoding messages in such a way that eavesdroppers or hackers cannot read it, but that authorized parties can. In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext . This is usually done with the use of an encryption key, which specifies how the message is to be encoded. Any adversary that can see the ciphertext should not be able to determine anything about the original message. An authorized party, however, is able to decode the ciphertext using a decryption algorithm, that usually requires a secret decryption key that adversaries do not have access to. For technical reasons, an encryption scheme usually needs a key-generation algorithm to randomly produce keys. There are two basic types of encryption schemes: Symmetric-key and public-key encryption. In symmetric-key schemes, the encryption and decryption keys are the same. Thus communicating parties must agree on a secret key before they wish to communicate. In public-key schemes, the encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the decryption key and is capable of reading the encrypted messages. Public-key encryption is a relatively recent invention: historically, all encryption schemes have been symmetric-key (also called private-key)......

Words: 1540 - Pages: 7

Lab 8

...and install rpm packages. rpm –ivh ; RPM filename has package name, version, release & architecture name (-i : install, -v : verbose, -h : print hash marks as the package archive is unpacked). rpm -qlp ; will list out the file without extracting into the local directory folder. rpm –Vp ; compares information about the installed files with information about the files taken from the metadata stored within the rpm database. 6. What security countermeasure can you enable to verify the integrity of downloaded applications or tar balls before you perform the installation? use Ark to extract the tar ball 7. Explain what hashing is and how does this differ from encryption? Hashing is just line of code and it is not encrypted 8. If you wanted to know which package a certain program belonged to, what command would you run? tar xvzf PACKAGENAME.tar.gz 9. Once you have downloaded an RPM package, what command would you run if you wanted to extract the files to directory of your choice? tar xzvf file.tar.gz 10. Where would you find checksum hashes for all installed programs in Fedora Linux Server? Verification code called a hash computed from the original ISO files....

Words: 367 - Pages: 2

Pt1420 Lab 8

...Lab 8.1 Step 2: The hour is 1 continue loop till the hour is 24 then stop. Step 3: Constant Integer Max_Minutes = 60 Declare Integer minutes For minutes = 1 to Max_Minutes Display “The minute is “, minutes End For Step 4: Constant Integer Max_Seconds = 60 Declare Integer seconds For seconds = 1 to Max_Seconds Display “The second is “, seconds End For Step 6: The number is 2 The number is 4 The number is 6 The number is 8 The number is 10 Step 7: Constant Integer Max_VALUE = 200 Declare Integer counter For counter = 20 to Max_VALUE step 20 Display “The number is “, counter End For Step 9: Enter the number of students in class Display however many numbered students you enter Step 11: Loop five times, each asking you to enter a number Displaying the total at the end Step 12: Declare Integer counter Declare Integer totalAge = 0 Declare Real averageAge = 0 Declare Integer age Declare Integer number Display “How many ages do you want to enter: “ Input number For counter = 1 to number Display “Enter age “ Input age Set totalAge = totalAge + age End For averageAge = totalAge / number Display “The average age is “, averageAge Lab 8.2 Lab 8.3 Module Module1 Sub Main() Dim anotherDay As String = "yes" While anotherDay = "yes" Dim totalSpeed As Double = 0 Dim averageSpeed As Double = 0 enterSpeeds(totalSpeed) calcAverage(totalSpeed, averageSpeed) ...

Words: 324 - Pages: 2

Lab 8

...Lab 8.1 Step 2: The hour is 1 continue loop till the hour is 24 then stop. Step 3: Constant Integer Max_Minutes = 60 Declare Integer minutes For minutes = 1 to Max_Minutes Display “The minute is “, minutes End For Step 4: Constant Integer Max_Seconds = 60 Declare Integer seconds For seconds = 1 to Max_Seconds Display “The second is “, seconds End For Step 6: The number is 2 The number is 4 The number is 6 The number is 8 The number is 10 Step 7: Constant Integer Max_VALUE = 200 Declare Integer counter For counter = 20 to Max_VALUE step 20 Display “The number is “, counter End For Step 9: Enter the number of students in class Display however many numbered students you enter Step 11: Loop five times, each asking you to enter a number Displaying the total at the end Step 12: Declare Integer counter Declare Integer totalAge = 0 Declare Real averageAge = 0 Declare Integer age Declare Integer number Display “How many ages do you want to enter: “ Input number For counter = 1 to number Display “Enter age “ Input age Set totalAge = totalAge + age End For averageAge = totalAge / number Display “The average age is “, averageAge Lab 8.2 Lab 8.3 Module Module1 Sub Main() Dim anotherDay As String = "yes" While anotherDay = "yes" Dim totalSpeed As Double = 0 Dim averageSpeed As Double = 0 enterSpeeds(totalSpeed) calcAverage(totalSpeed, averageSpeed) ...

Words: 324 - Pages: 2

Is418 Lab 7 & 8

...Week 4 Lab This lab consists of two parts: Make sure you label each section accordingly and answer all the questions. For this lab it is recommended that you review the Demo Lab presentations in the Unit 7 and Unit 8 Learning Space. Click the PRACTICE link > DEMO LAB > then click the hyperlink to launch the demonstration. Part #1 Apply Hardened Security for the Linux Kernel Learning Objectives and Outcomes Upon completing this lab, students will learn about the following tasks: * Review and tune the kernel parameters on a Fedora Core Linux Server for security and monitoring purposes * Produce kernel versions and loaded options for a better understanding of how the system is configured and to identify potential security vulnerabilities in the Fedora Core Linux Server * Edit /etc/sysctl.conf file and adjust tcp_sysncookies settings to configure secure options for users on a Fedora Core Linux Server * Review and assess the Loaded Kernel Modules (LKM’s) of the target Linux system and provide recommendations on the output and current running configuration * Use and interpret the lmod command output and perform security hardening configurations on the Fedora Core Linux Server Overview This lab is an extension of the previous hands-on labs. This lab continues with the system and security hardening for the Fedora Core Linux Server. In this lab the students need to review and security harden the Linux kernel with security parameters. They......

Words: 1460 - Pages: 6

Lab 8

...12 failed log in attempts Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 5/30/2014 8:30:18 AM Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N/A Computer: TarWin2012DC.securelabsondemand.com Description: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: TARGET2012B$ Account Domain: SECURELABSONDEM Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xC000006D Sub Status: 0xC000006A Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: TARGET2012B Source Network Address: 172.30.0.18 Source Port: 49304 Detailed Authentication Information: Logon Process: NtLmSsp Authentication Package: NTLM Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted. The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The Logon Type field indicates the kind of logon that was requested. The most common types are...

Words: 711 - Pages: 3

Nos 230 Lab 8

...Lab 8 Creating and Configuring Virtual Machine Storage | | This lab contains the following exercises and activities: Exercise 8.1Exercise 8.2Exercise 8.3 Exercise 8.4Exercise 8.5Lab Challenge | Creating a Virtual Hard DiskEditing a Virtual Hard Disk FileCreating a Virtual Machine with an Existing Virtual Hard DiskConfiguring QOS on a Virtual Hard DiskCreating a Pass-Through DiskCreating a Checkpoint | BEFORE YOU BEGIN The lab environment consists of three servers connected to a local area network, one of which is configured to function as the domain controller for a domain called adatum.com. The computers required for this lab are listed in Table 8-1. Table 8-1 Computers Required for Lab 8 Computer | Operating System | Computer Name | Domain controller 1 | Windows Server 2012 R2 | SERVERA | Member server 2 | Windows Server 2012 R2 | SERVERB | Member server 3 | Windows Server 2012 R2 | SERVERC | In addition to the computers, you also require the software listed in Table 8-2 to complete Lab 8. Table 8-2 Software Required for Lab 8 Software | Location | Lab 8 student worksheet | Lab08_worksheet.docx (provided by instructor) | Working with Lab Worksheets Each lab in this manual requires that you answer questions, take screen shots, and perform other activities that you will document in a worksheet named for the lab, such as Lab08_worksheet.docx. It is recommended that you use a USB flash drive to store your worksheets, so you can submit them to...

Words: 1958 - Pages: 8

Lab 8

...Joshua Reynolds FW9135 Psy1010 Section 052 TA Monica De Iorio 8th Lab Assignment There are many ways to cope with stress but we learned about 3 specific strategies in lab. These three included cognitive, behavioral, and avoidance strategies. Active cognitive strategies include actively thinking about a situation to adjust more effectively to it. This strategy is one of the better ways to cope with stress. Then you have active behavioral strategies and this involves actively taking some type of action to improve a problem situation that is stressing you out. This is the other strategy that is best for relieving stress. The third strategy that we had learned about was the avoidance strategy. This strategy is not a good strategy to use and can sometimes make things worse. Avoidance involves keeping the stressful situation and circumstances out of awareness. This could potentially cause more stress. The strategy that I tend to use the most is the active behavioral strategy. I like to take action in everything that I do, especially when it involves things that are causing or will cause myself to stress out. An example of that would be of someone had a problem with me I would go talk to them about it and try to figure out what the problem is. Instead of avoiding it or just thinking about it I would go do something about it. Another example could be if I had a bad grade in a class I would go see my professor to see what I could do about it and make that extra effort. The......

Words: 315 - Pages: 2

Lab 8

...Lab #8 – Assessment Worksheet Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you performed simple tests to verify a cross-site scripting (XSS) exploit and an SQL injection attack using the Damn Vulnerable Web Application (DVWA), a tool left intentionally vulnerable to aid security professionals in learning about Web security. You used a Web browser and some simple command strings to identify the IP target host and its known vulnerabilities, and then attacked the Web application and Web server using cross-site scripting (XSS) and SQL injection to exploit the sample Web application running on that server. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation? To make sure no one can penetrate your web application before you put it in a live situation. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting is a type of computer security vulnerability typically found in web applications that enables attacks to inject client side script into web pages viewed by others 3. What is a reflective cross-site scripting attack? A reflective attack a type of computer security vulnerability it involves the web application dynamically generating a response......

Words: 442 - Pages: 2