Reference no: EM132189270
LAB: PATCH AND SECURE INSTRUCTIONS
1. Use the lab virtual environment for this assignment where specific instructions for tasks and deliverables are located. After completing the lab, write a lab report that includes all of the required deliverables, screenshots of each operation, and any additional information you gathered.
2. You are also required to include at least one page of written content with a minimum of 2 referenced citations that discusses your findings from each of the lab operations. This can include reasons why the findings are important, actions the organization can take to solve any discovered problems, and any other pertinent information you discovered. This content can be included anywhere in your lab report as long as you meet the one page requirement.
3. Your report must also include Biblical integration that relates a Bible verse, passage, or concept to the assignment. This will count as one of your required citations.
4. APA style references must be included for each citation used.
5. Extra credit sections are not required but, if you complete them, earned points will be used to offset missed sections in the other parts of the lab.
You can use any tools available to you on the lab system as well as internet resources, but keep the focus on securing the system from future attacks.
Client: Liberty Vacation Planning Inc. (LVP)
Project: Patch and Secure
1. Project Objectives
With this Statement of Work, LVP is engaging you to conduct systems hardening and patching to address previously identified vulnerabilities that could be abused by malicious users to adversely affect the LVP network environment. The system hardening and patching should fix any critical or high vulnerabilities, and a single medium vulnerability related to SMB null sessions. Also, network file share permissions should be strengthened. Create a series of screenshots to document your progress.
The objectives of this assessment are as follows:
– Install Microsoft updates on the Windows machine at 10.100.0.2.
– Change the password for the user named tomcat with the manager-gui role on 10.100.0.2.
– Remove the Everyone group from the liberty_travel share on 10.100.0.2.
– Enable the Local Security Policy named Network access: restrict anonymous access to named pipes and shares on 10.100.0.2 to disable the SMB null sessions.
– Perform a Nessus Basic Network scan against 10.100.0.2 to confirm that the vulnerabilities addressed by the fixes applied in this SOW do not reappear.
Note: the objective of this Statement of Work is to repair (not exploit) the vulnerabilities.
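The following PowerShell script is an added example, not part of the original Statement of Work. It checks each of the four fixes on the Windows machine before the confirming Nessus scan is run. Assumptions: the Tomcat user file is the standard conf\tomcat-users.xml under a placeholder install path, the update IDs are placeholders to be replaced with the three update files on the desktop, and the registry value RestrictNullSessAccess is the setting behind the named local security policy.

```powershell
# Added verification example for the hardening objectives (run elevated on 10.100.0.2).
# The path and KB IDs below are placeholders, not values from the SOW.
param(
    [string]$ShareName     = 'liberty_travel',
    [string]$TomcatUsers   = 'C:\PLACEHOLDER\conf\tomcat-users.xml',  # assumed location
    [string[]]$ExpectedKBs = @('KB0000000')                           # placeholder IDs
)

function Report($check, $ok, $detail) {
    $status = 'FAIL'; if ($ok) { $status = 'PASS' }
    '{0,-4} {1}: {2}' -f $status, $check, $detail
}

# 1. Microsoft updates: each expected hotfix must be listed as installed.
$installed = Get-HotFix | ForEach-Object { $_.HotFixID }
foreach ($kb in $ExpectedKBs) {
    Report "Update $kb" ($installed -contains $kb) 'looked up with Get-HotFix'
}

# 2. Tomcat: manager-gui accounts must not keep an empty, username-equal or common password.
if (Test-Path $TomcatUsers) {
    $xml  = [xml](Get-Content $TomcatUsers)
    $weak = @('', 'tomcat', 'admin', 'password', 'changeme')   # constructed sample list
    $xml.'tomcat-users'.user |
        Where-Object { $_ -and (($_.roles -split '\s*,\s*') -contains 'manager-gui') } |
        ForEach-Object {
            $bad = ($weak -contains $_.password) -or ($_.password -eq $_.username)
            Report "Tomcat user $($_.username)" (-not $bad) 'password checked against weak values'
        }
} else { Report 'Tomcat users file' $false "not found at $TomcatUsers" }

# 3. Share permissions: the Everyone SID (S-1-1-0) must not appear in the share DACL.
$setting = Get-WmiObject Win32_LogicalShareSecuritySetting -Filter "Name='$ShareName'"
if ($setting) {
    $dacl     = $setting.GetSecurityDescriptor().Descriptor.DACL
    $everyone = @($dacl | Where-Object { $_.Trustee.SIDString -eq 'S-1-1-0' })
    Report "Share $ShareName" (($null -ne $dacl) -and ($everyone.Count -eq 0)) 'Everyone must be absent'
} else { Report "Share $ShareName" $false 'share security setting not found' }

# 4. SMB null sessions: the policy is enabled when RestrictNullSessAccess is 1.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$val = (Get-ItemProperty -Path $key -Name RestrictNullSessAccess -ErrorAction SilentlyContinue).RestrictNullSessAccess
Report 'Restrict anonymous access to named pipes and shares' ($val -eq 1) "RestrictNullSessAccess=$val"
```

The script only reads state and never prints the Tomcat password, so its output can be included in the lab report alongside the required screenshots.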
2. Project scope
The scope of the patch and secure project is as follows:
– The network server with IP address 10.100.0.2.
Note: Any items not listed here are considered out of scope for this project; the addition of out of scope items to the project scope will not be made without prior approval and authorization from LVP and will be handled through change requests or as separate SOWs.
3. Project deliverables
The deliverable(s) for this project are as follows:
a. Proof of the installation of Microsoft updates
This proof will be provided in the following manner:
– A screenshot showing the installation window for each of the three Microsoft updates found on the win7machine-00001 desktop.
– A brief explanation of which flaw previously identified by the Nessus scan will be addressed by each of the three update files.
b. Proof of a unique password for the tomcat user account
This proof will be provided in the following manner:
– A screenshot showing the password for the tomcat user account with the manager-gui role has been changed in the user's file.
c. Proof of hardened network file share permissions
This proof will be provided in the following manner:
– A screenshot showing the Share Permissions tab for the liberty_travel share.
d. Proof that SMB null sessions are disabled
This proof will be provided in the following manner:
– A screenshot showing the new setting for the local security policy named Network access: restrict anonymous access to named pipes and shares
4. Access to system
You will have access to the win7machine-00001 (10.100.0.2) in order to make the changes required by this SOW.
We also have dedicated a Kali Linux machine on our internal network (Kali_Student_681) that has the Nessus vulnerability scanner installed. You may access Nessus using the Iceweasel browser and the account credentials in the following table.
Use the user account provided in the following table to access our network:
System Name | User Name | Password
CSCI_681_Student | root | student
Nessus | student | student
win7machine-00001 (10.100.0.2) | liberty | student
5. Project schedule
All services outlined under the project scope will be completed within two weeks of receiving this Statement of Work.
Note: any changes to project objectives or project scope will be handled through change requests or separate SOWs.
6. Authorization
This Statement of Work will serve as written authorization for this assessment activity.