User Account

All Pages

Windows hardening recommendations

Assignment Help Basic Computer Science
Reference no: EM133025458

Part 2

Windows Hardening Recommendations

Scenario

As a security administrator for Always Fresh, you have been instructed to ensure that Windows authentication, networking, and data access are hardened. This will help to provide a high level of security.

The following are issues to be addressed through hardening techniques:

- Previous attempts to protect user accounts have resulted in users writing long passwordsdown and placing them near their workstations. Users should not write down passwords or create passwords that attackers could easily guess, such as words founds in thedictionary.

- Every user, regardless of role, must have at least one unique user account. A user whooperates in multiple roles may have multiple unique user accounts. Users should use the account for its intended roleonly.

- Anonymous users of the web server applications should only be able to access servers located in the demilitarized zone (DMZ). No anonymous web application users should be able to accessany protected resources in the Always Fresh ITinfrastructure.

- To protect servers from attack, each server should authenticate connections based on thesource computer anduser.

Tasks

Create a summary report to management that describes a hardening technique that addresses each issue listed above. Provide rationale for each selection.

Part 1

Secure Windows Applications Policy

Scenario

One of the security improvements for the Always Fresh IT environment is to ensure all workstations and servers run secure applications. The company needs policies that set security requirements for the software. These policies will guide administrators in developing procedures to ensure all client and server software is as secure as possible.

Specifically, you will write two policies to ensure web server software and web browsers are secure. Your policy statements will describe the goals that define a secure application.

Consider the following questions for web server software and web browsers:

1. What functions should this software applicationprovide?

2. What functions should this software applicationprohibit?

3. What controls are necessary to ensure this applications software operates asintended?

4. What steps are necessary to validate that the software operates asintended?

Tasks

Create two policies-one for web server software and one for web browser clients. Remember, you are writing policies, not procedures. Focus on the high-level tasks, not the individual steps.

Use the following as a guide for both policies:

- Type of applicationsoftware

- Description of functions this software shouldallow

- Description of functions this software shouldprohibit

- Known vulnerabilities associated withsoftware

- Controls necessary to ensure compliance with desiredfunctionality

- Method to assess security controleffectiveness

Part 3

Evidence Collection Policy

Scenario

After the recent security breach, Always Fresh decided to form a computer security incident response team (CSIRT). As a security administrator, you have been assigned the responsibility of developing a CSIRT policy that addresses incident evidence collection and handling. The goal is to ensure all evidence collected during investigations is valid and admissible in court.

Consider the following questions for collecting and handling evidence:

1. What are the main concerns when collectingevidence?

2. What precautions are necessary to preserve evidencestate?

3. How do you ensure evidence remains in its initialstate?

4. What information and procedures are necessary to ensure evidence is admissible incourt?

Tasks

Create a policy that ensures all evidence is collected and handled in a secure and efficient manner. Remember, you are writing a policy, not procedures. Focus on the high-level tasks, not the individual steps.

Address the following in your policy:

- Description of information required for items ofevidence

- Documentation required in addition to item details (personnel, description of circumstances,and soon)

- Description of measures required to preserve initial evidenceintegrity

- Description of measures required to preserve ongoing evidenceintegrity

- Controls necessary to maintain evidence integrity instorage

- Documentation required to demonstrate evidenceintegrity.

Reference no: EM133025458

Questions Cloud

Network plan you are investigating and researching : Make sure that for this network plan you are investigating, researching, and brainstorming stakeholder needs
How many units would need to be sold : If the selling price is reduced by 5%, variable costs per unit reduced by $1.00, and fixed costs increased to a total of $40,750, how many units would need sold
Data warehousing and multi-dimensional data models : Data Warehousing, Multi-Dimensional Data Models and OLAP or Systems for machine learning and model management.
What is the book value per share : What is the book value per share assuming that the company has 30,000 shares of common stock outstanding throughout the year 2020
Windows hardening recommendations : Create a summary report to management that describes a hardening technique that addresses each issue listed above. Provide rationale for each selection.
Review software license agreements : Review software license agreements in your textbook and research them online.
Common model for security is called defense in depth : A common model for security is called "Defense in Depth."
Learn about the cryptolocker virus : "Research a security threat. Learn about the CryptoLocker Virus. What advice would you give users about whether to pay the ransom demanded?
About the cryptolocker virus : "Research a security threat. Learn about the CryptoLocker Virus. What are the symptoms that a PC has been infected by the CryptoLocker Virus?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Tax be allocated between consumers and producers

How will the burden of this tax be allocated between consumers and producers? What will be the loss of consumer and producer surplus?

  Specifications for the first draft

Submit a first version of your MyClone class. Your MyClone class should have instance variables firstName and lastName. The firstName and lastName instance variables will hold your first and last names. You will demonstrate your understanding of e..

  Compare the use of r vs python

Compare and contrast the use of R vs Python and identify the pros and cons of each

  Analyzing and visualizing data

Develop a paper describing how the knowledge, skills, or theories of this course have been applied or could be applied,

  Description of the implications for the organizations

Could you please elaborate on a case analysis about Rite Corp.  This should be included the following three strategy factors: a) Demand, competitive advantage, competitors, labor force, and outsourcing.

  Example of a perfect stream cipher

The Vernam cipher is an example of a perfect stream cipher. Now consider the following encryption yi = (binary message xi) xor (binary key ki).

  Create a simple tic-tac-toe program

For the Mid-Term assignment we are going to create a simple Tic-Tac-Toe program. You can design the user interface any way that you would like to. It should allow two places to put X's or O's down on the board and determine if a player as won or..

  Black hole attack and wormhole attack

Discuss and describe the difference between a black hole attack and a wormhole attack.

  Disaster recovery plan-computer incident response team

Write a DRP and the plan for CIRT for the HealthNet Scenario. Disaster Recovery Plan, Computer Incident Response Team

  Inter-connected php pages for online shopping

The Registration Page (registration.php).  It has a header but has no registration button on the right. It will take the customer information (e.g., name, contact, etc.) and save them in Php session variables/array/object. At the submit button, it ve..

  In africa economy what are the terms of trade

What factors lead them to change over time? Briefly explain the major argument of the factor endowment trade theory.

  User for toppings and diameter

Design an application (submit pseudocode) that declares an array of 10 pizza objects. Prompt the user for toppings and diameter of each pizza

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd