Creating whitelist, Calculated and recorded when you either

Creating whitelist

Assignment Help Computer Network Security

Reference no: EM132582277

Creating Whitelist / Baseline

Scenario
Students will become familiar with how to manually create a file "whitelist" from a known-good system.
MI 1. Log in to the Windows 8 machine with the creds listed in the machines tab.

This lab is equipped with an auto-scoring technology designed to track your progress as you successfully complete the lab. A short-cut is available on the Kali Linux VM Desktop to check your score. Double-click on the short-cut and a web browser window will open displaying your current score. You can periodically refresh the page as you complete more of the lab to see your current score.

The final score is calculated and recorded when you either complete or cancel the lab. If you save your lab, the score is held until you resume the lab and cancel or complete it.

Q Make sure to enter the credentials correctly, otherwise you cannot continue the lab.

2. Open a command prompt as administrator and navigate to the Hashing folder on the desktop. Then, use the tool there to generate MD5 hash values for all files currently contained on the C: drive and export the hashes to a file named MD5-Whitelist.txt.

Review the file when complete.
A This effort will take approximately 10
minutes to complete, and provide a file over 6 MBs in size.

3. Next, generate SHA256 hash values for all files currently contained on the C: drive and export the hashes to a file named SHA256-VVhitelist.txt.

Review the file as well when finished.

Find "Unauthorized" Files

Scenario
During this portion of the lab, you will be introduced to the ability to manually scan your workstation for new files and changes to files already in the baseline.
1. Find the Mystery Files.zip file in C:\Temp and extract its contents to the desktop. Then, verify there are six files within the Suspicious folder.
2. Next, and similar to before, generate MD5 hashes for the six "suspicious" files we just extracted. Then, generate SHA256 hashes for them as well.
3. Lastly, generate MD5 hashes for all files in the C:\ drive to find which files have changed in the background. You should be able to run a command to only show or output the hashes of files that have changed or been added to the system. This is to illustrate that operating systems do have a fair amount of dynamic change when they are used. What do you find?

Reference no: EM132582277

Questions Cloud

What are the 3 component parts of a nucleotide : 1) Explain the relationships between the following 4 terms nucleosome, chromatin, prophase, chromosome.

Supporting documentation for a recommendation : Provide a rationale with supporting documentation for a recommendation to move to an EHR.

Discuss three exit strategies for Olive cafe : Question - Discuss three exit strategies for Olive café, a small café in my neighborhood, their advantages and disadvantages

Describe the relationship between emr : Describe the relationship between EMR (an electronic medical record), EHR and TPMS?

Creating whitelist : Calculated and recorded when you either complete or cancel the lab. If you save your lab, the score is held until you resume the lab and cancel or complete it

Evaluate the fundamental driving forces : Evaluate the fundamental driving forces that shape the organizational environment of the selected company.

Traditional activity-based costing : Analyze the major benefits and major weaknesses of traditional Activity-Based Costing (ABC) in determining accurate overhead costs over an ABC system

Focuses on the creation of implementation plan : Focuses on the creation of an implementation plan and associated change management.

Different types of crossing over generates : Show how different types of crossing over generates new combinations of alleles? You can choose any organism and three allele

User Account

All Pages