...IS3340 Unit 6 Assignment 1 1. How much data has been modified between the last backup and the time of failure? No data should have been lost since nothing was change since the last backup and the backup would have been completed before the error occurred. 2. What images are necessary to recover the workstation? The images that are necessary would be the reimaging image along with the latest back up image available. 3. What are the steps necessary to fix the problem that cause the data loss? Verify what caused the loss by reading the logs. Determine the fix for the issue. Reimage the computer. Restore the computer to last backup state and disable the issue that caused the data loss. 4. What steps should Ken 7 take to avoid a reoccurrence of this issue in the future? Read the logs to find out what caused the issue that caused the data lose. Right a procedure guide to prevent the issue from occurring. Alert users of the occurrence of the issue and the way to prevent the issue. (Soloman, 2001) Procedure Guide: 1. Read logs to decide what cause the issue to occur. 2. Re-Image the computer to default configuration. 3. Restore to first available backup of the system. Restore Process: 1. Right-click on your Computer desktop icon (or click Start and right-click on the Computer tab on the right pane of the menu). 2. Click on Properties. 3. Locate the System protection tab in the System Properties menu. 4. Select the hard disk that you...
Words: 393 - Pages: 2
...Identifying Types of Malware Infection 1) You notice that your computer is getting slower each day. You have terminated unneeded programs, disabled unneeded services, and have recently defragmented the disks. Your computer has plenty of memory but it still seems slow. Since it only started getting slow within the last two weeks, you suspect a malware attack. You have carefully examined each of the programs running but there are no unusual programs. However, you do notice that there is substantial disk activity, even when no programs are running that should be using the disk. What kind of malware do you think is present in your computer? Rootkit and likely another type of malware – Closing all programs and still seeing disk usage would suggest that a rootkit has installed and is actively hiding the actual program running. The rootkit would hide the program while a virus or worm is likely behind the scenes wreaking havoc. 2) You download a new program to display the current weather on your desktop. Since you installed the weather application you noticed a lot of network activity and your computer is getting slow. When you terminate the weather application your computer speeds up. What kind of malware do you think is present in your computer? Trojan Horse – Acting as a useful program, it actually infects and runs amuck inside of the pc and network. 3) Within a week after ordering a new widescreen television (TV) from an online retailer, you start getting many email...
Words: 407 - Pages: 2
...test√1, Windows Security Features. Chapter 1; Chapter 2. 2, Secure Access Control. Chapter 3. Lab 1; Assignment 1. 3, Windows Encryption. Chapter 4. IS 3340 - Windows Security - ITT Tech Flint Study Resources www.coursehero.com/sitemap/schools/1177-ITT.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security...
Words: 287 - Pages: 2
...IS3340 —Windows Security E-mail: E-mail: VShafer@itt-tech.edu Cell Phone#: 865-236-1869 Title: Analyzing Windows Application Software for Security Vulnerabilities Learning Objective ▪ Design techniques to protect given Windows application software from security vulnerabilities. Key Concepts ▪ Vulnerabilities to Microsoft server and client applications ▪ Strategies for securing Microsoft server and client applications ▪ Procedures for securing Microsoft applications Class/Content Outline: 5:00pm – 5:50pm Theory 7 (50 min.) 1. Roll / Lesson Plan / Handouts 2. Review/ Discuss Unit 8 ~ ▪ Chapter 12 “Microsoft Application Security”; pp. 271-296 3. In Class IS3340.U8.GA1 ~ Unit 8 Assignment 1: Policy for Securing Windows Environment ▪ You will select from the list of security controls that best addresses to each given ERP vulnerabilities. (*Note: You will refer to the Unit 1 case scenario IS3340.U1.TS3.doc for the Ken 7 Windows Limited details.) We will discuss the correct answers in class 6:00pm – 7:40pm Lab 1 (100 min.) 4. Lab 8 ~ Apply Security Hardening on Windows Microsoft Server & Microsoft Client Applications; pp. 68-73 8:00pm – 9:40pm Theory 7 (100 min.) & 9:50pm – 10:45pm Theory 7 (55 min.) 5. IS3340.U8.GA2 ~ Unit 8 Assignment 2: Best Procedures to Secure Windows Applications ▪ To complete IS3340.U8.GA2.doc ~ You will write a Windows application policy and define its procedure for...
Words: 630 - Pages: 3
...ITT Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110...
Words: 2305 - Pages: 10
...IS3340-WINDOWS SECURITY | Recommendations for Access Controls | Unit 2 Assignment 1 | | [Type the author name] | 4/3/2014 | | Access Control is the defined as “the selective restriction of access to a place or other resource”, in the RFC 4949. “The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.” Simply put the ability to read, write, modify, or deleting information or files is what Access Control is. It is more than this, in the permissions (authorization) granted to each Security Group or Individual User. The permissions mentioned in the previous paragraph are rights that a user is allowed to access, create, modify, or delete the file(s) inside a file folder, or objects. These are all permissions (authorizations) controlled by the Authorized Windows Security Personnel of the file structure. We will list some examples of how this outlined and what the impact would be, but first understand that requirements for the permissions is controlled from the Group Level, other than by Individual User, because it is easier to control from a security standpoint when you want to modify these abilities. There are four folders created (D:\ERPdocuments, D:\ERPdocuments\HRfiles, D:\ERPdocuments\SFfiles, D:\ERPdocuments\MGRfiles) which we want to allow specific permissions for certain functions (tasks). For example; by modifying the permissions under the specific user account for HRmanager to include...
Words: 436 - Pages: 2
...IS3340-WINDOWS SECURITY | BEST PRACTICES IN MANAGING CHANCES TO WINDOWS SYSTEMS AND APPLICATIONS | UNIT 10 DISCUSSION 1 | | | 5/29/2014 | | Just as Ken 7 Windows Limited is experiencing Denial of Service attacks, many corporate websites have suffered from illegal DoS attacks more than once. Companies that learn how to turn these experiences to their advantage go a long way to ensuring it doesn't happen again. The summary of what is being seen on the infrastructure is thus; * Denial of Service (DoS) attacks on the Web Servers supporting Ken 7 Windows clients. * Remote clients report connection failures/difficulty accessing Ken 7 Windows planning and order management software application The events of a network attack can uncover some very important mistakes and provide more than a few lessons. Turning these lessons into best practices is where the rewards of such adversity are realized. Ken 7 Windows can arrive at these best practices by asking: "How are we vulnerable?" The following best practices are a sample of some of the common conclusions following a DoS attack. 1. Create a virtual private network (VPN) for authenticated user. 2. Separate authentication an anonymous users on separate servers (some on different subnets). 3. Use firewall rule to close all ports except 80 (HTTP-Hypertext Transfer Protocol) & 443 (HHTPS-Hypertext Transfer Protocol over TLS/SSL). 4. Restrict all anonymous user accounts. 5. Use Kerberos...
Words: 435 - Pages: 2
...IS3340-WINDOWS SECURITY | Auditing Tools for Windows System | Unit 4 Assignment 1 | | | 5/1/2014 | | 1. You want to schedule a weekly analysis for the Windows servers in your data center. The command should run as a scheduled job and report any available patches for the Windows Server 2008 R2 operating system, Internet information services (IIS) Web server, or structured query language (SQL) server that have not been installed. Which tool would be the best choice?. MBSA command line interface 2. You like the way MBSA presents scan results but you need to scan for vulnerabilities in older Windows products, including Microsoft Office 2000. Which tool provides extended scanning and the ability to use MBSA to view scan reports? Security Configuration and Analysis (SCA) 3. Your organization wants to encourage its employees and contractors to use vulnerability scanners at home as well as at work. You want to select a single vendor that can provide scanner software products for home and enterprise computers. A single vendor product line can streamline coordinating and analyzing scan results from many different computers. Which set of tools would be the best choice? Secunia Security Analyzers 4. You have developed several templates that consist of security settings for several types of computers, including desktop workstations, laptops, and various servers. You want to quickly compare a computer’s settings to its corresponding template to see if any...
Words: 271 - Pages: 2
...IS3340-WINDOWS SECURITY | Encryption and BitLocker Activity | Unit 3 Assignment 1 | | | 5/1/2014 | | 1. One of the shop floor computers that is connected to your network is commonly used by the floor manager. You want the floor manager’s files to be encrypted on that computer. Although the floor manager’s documents folder is on a central server, there are some local temporary files that could contain sensitive information and should be encrypted at all times. Which Windows encryption feature would best provide encryption for all of the floor manager’s local files while leaving other users’ files unencrypted? Folder Encryption: EFS 2. The human resource (HR) manager stores a spreadsheet with sensitive personal information on her local workstation. The spreadsheet is the only file with sensitive data and the name of the spreadsheet does not change. Which Windows encryption feature would ensure this one file is always stored on the disk in encrypted format? File Encryption: EFS 3. The chief executive officer (CEO) wants to copy confidential sales projection information from her workstation to her laptop via a universal serial bus (USB) device. What is the best option to ensure the confidential information is secure during the copying process? BitLocker To Go 4. You want to encrypt your main file server’s disk that stores confidential information for several users. Which Windows encryption feature encrypts an entire disk and is not dependent...
Words: 294 - Pages: 2
...IS3340-WINDOWS SECURITY | Security Audit Procedure Guide | Unit 5 Assignment 3 | | [Type the author name] | 5/1/2014 | | This document outlines the required steps to follow, inorder to properly scan the necessary hardware (servers and workstations) in the Ken 7 Windows Limited Domain for security vulnerabilities. 1) Acquire and install MBSA •Download MBSA. Download MBSA from the MBSA home page, and then install it to the default directory. •Updates for MBSA. If both the computer you will be scanning and the computer with MBSA installed have Internet access, the latest security catalog (.cab file), authentication files, and WUA installer files will be automatically downloaded, if needed. If either the target computer or the computer with MBSA installed does not have Internet access, download the following files and place them in the C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\ directory on the computer that is performing the scan. 2) Scan computers Run MBSA and clear the Check for security updates check box when performing the scan. Using the Graphical Interface Tool The following procedure describes how to use the MBSA GUI tool. To use the MBSA GUI tool to scan for updates and patches 1. On the Programs menu, click Microsoft Baseline Security Analyzer. 2. Click Scan a computer. 3. Make sure that the following options are not selected, and then click Start scan. * Check for Windows administrative...
Words: 487 - Pages: 2
...IS3340-WINDOWS SECURITY | Minimizing Recovery Time Strategies | Unit 6 Assignment 1 | | | 5/5/2014 | | This document outlines the required steps to follow, in-order to properly scan the necessary servers and workstations in the Ken 7 Windows Limited Domain for security vulnerabilities. 1) Acquire and install MBSA(Microsoft Baseline Security Anaylizer) •Download MBSA. Download MBSA from the MBSA home page, and then install it to the default directory. •Updates for MBSA. If both the computer you will be scanning and the computer with MBSA installed have Internet access, the latest security catalog (.cab file), authentication files, and WUA installer files will be automatically downloaded, if needed. If either the target computer or the computer with MBSA installed does not have Internet access, download the following files and place them in the C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\ directory on the computer that is performing the scan. 2) Scan computers Run MBSA and clear the Check for security updates check box when performing the scan. Using the Graphical Interface Tool The following procedure describes how to use the MBSA GUI tool. To use the MBSA GUI tool to scan for updates and patches 1. On the Programs menu, click Microsoft Baseline Security Analyzer. 2. Click Scan a computer. 3. Make sure that the following options are not selected, and then click Start scan. * Check...
Words: 487 - Pages: 2
...IS 3440 Final Exam Study Guide Question Course Reference Number Objective 1. 1.1 Security Strategies in Linux Platforms and Applications, Pages 22–23 2. 1.2 Security Strategies in Linux Platforms and Applications, Page 7 3. 1.3 Security Strategies in Linux Platforms and Applications, Page 21 4. 1.4 Security Strategies in Linux Platforms and Applications, Page 24 5. 1.5 Security Strategies in Linux Platforms and Applications, Page 10 6. 2.1 Security Strategies in Linux Platforms and Applications, Page 69 7. 2.2 Security Strategies in Linux Platforms and Applications, Page 62 8. 2.3 Security Strategies in Linux Platforms and Applications, Page 39 9. 2.4 Security Strategies in Linux Platforms and Applications, Page 37 10. 2.5 Security Strategies in Linux Platforms and Applications, Page 40 11. 3.1 Security Strategies in Linux Platforms and Applications, Pages 95–97 12. 3.2 Security Strategies in Linux Platforms and Applications, Page 85 13. 3.3 Security Strategies in Linux Platforms and Applications, Page 88 14. 3.3 Security Strategies in Linux Platforms and Applications, Page 104 15. 3.5 Security Strategies in Linux Platforms and Applications, Page 97 16. 4.1 Security Strategies in Linux Platforms and Applications, Pages 116–117 17. 4.2 Security Strategies in Linux Platforms and Applications, Page 138 18. 4.2 Security Strategies in Linux Platforms and Applications, Page 134 19. 4.4 Security Strategies in Linux Platforms and Applications...
Words: 793 - Pages: 4
...Study Guide for Windows Security Final IS3340 1. Many current operating systems actually implement microkernel architecture. Microkernel only implements the minimal required. Processes generally run in either user mode or supervisor mode. 2. The process of providing and denying access is called access control. Access control is multi step process starting with Identification and authentication. Three authentication types are type I, II, and III 3. User rights define the tasks that user is permitted to carry out, such as take ownership of objects or shutdown the computer. Permissions define what a user can do to a specific object such as read or delete the object. 4. This functionality has matured into a core Windows feature called, Active Directory this allows users and groups to be defined once and shared among multiple computers. 5. The main feature of Microsoft Active Directory is the ability to define identity and Authorization permission that can be shared among multiple computers within one or more domains. 6. The principal of providing the just the necessary access required to carry out a task is called the principal of least privilege or LUAs. 7. Access Models: Identification, Authentication, Authorization, ACL’s and Security Access Token (SAT). 8. Access Control List (ACL), Discretionary Access Control List (DACL), and Access Control Entry (ACE). 9. Access Models: Identification, Authentication, Authorization, ACL’s and Security Access Token (SAT). 10. cacls...
Words: 1195 - Pages: 5
