...IT255 Lab 1 & Assessment Questions Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-28 19:38 Eastern Standard Time Nmap scan report for 172.30.0.10 Host is up (0.0054s latency). Not shown: 92 closed ports PORT STATE SERVICE 53/tcp open domain 88/tcp open kerberos-sec 135/tcp open msrpc 139/tcp open netbios-ssn 389/tcp open ldap 445/tcp open microsoft-ds 1025/tcp open NFS-or-IIS 1027/tcp open IIS MAC Address: 00:0C:29:99:40:7B (VMware) Skipping SYN Stealth Scan against 172.30.0.75 because Windows does not support scanning your own machine (localhost) this way. Nmap scan report for 172.30.0.75 Host is up. PORT STATE SERVICE 7/tcp unknown echo 9/tcp unknown discard 13/tcp unknown daytime 21/tcp unknown ftp 22/tcp unknown ssh 23/tcp unknown telnet 25/tcp unknown smtp 26/tcp unknown rsftp 37/tcp unknown time 53/tcp unknown domain 79/tcp unknown finger 80/tcp unknown http 81/tcp unknown hosts2-ns 88/tcp unknown kerberos-sec 106/tcp unknown pop3pw 110/tcp unknown pop3 111/tcp unknown rpcbind 113/tcp unknown auth 119/tcp unknown nntp 135/tcp unknown msrpc 139/tcp unknown netbios-ssn 143/tcp unknown imap 144/tcp unknown news 179/tcp unknown bgp 199/tcp unknown smux 389/tcp unknown ldap 427/tcp unknown svrloc 443/tcp unknown https 444/tcp...
Words: 1062 - Pages: 5
...Lab 1 Assessment Questions: 1. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA department LANs, departmental folders, and data. By establishing security principle within the Active Directory Domain. 2. Is it a good practice to include the account and user name in the password? Why or Why not? No it is not a good idea to include the account and user name in the password because there are Hackers out there who would use either a dictionary attack or brute force attacks which go though lists to find the correct combination of words, letters, numbers and characters in order to crack user names and passwords which depending on how simple or complex it is can take anywhere from 5 minutes or 5 months to decrypt, so it is a good practice to keep everything as unique as possible. 3. To enhance the strength of user passwords, what are some of the best practices to implement for user password definitions to maximize confidentiality? In this case the best way to ensure a strong password is to use 8 or more characters such as a mixture of Uppercase. Lowercase, numbers, and symbols in order to create a complex password that would be very difficult to crack. 4. Can a defined user in Active Directory access a shared drive if that user is not part of the domain? No they should not be able to access the shared folders unless they have authorized access. 5. Does Windows Server 2008 R2 require a user’s logon/password credentials prior...
Words: 469 - Pages: 2
...Lab 1 Assessment Worksheet Develop an Attack & Penetration Plan 1. List the 5 steps of the hacking process. * Reconnaissance * Scanning * Gaining Access * Maintaining Access * Covering Tracks 2. In order to exploit or attack the targeted systems, the first initial step I would do to collect as much information as possible about the targets prior to devising an attack and penetration test plan would be reconnaissance. I would use passive reconnaissance as this pertains to information gathering. 3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available host on a network through the DNS server. You can get IP address information of hosts on your targeted network. You can also get the information of the purpose of the hosts. Whois lookup is a protocol that can be used to interrogate the servers operated by regional internet registries which holds information about every IP/Domain registered on the internet. You can get information about your target such as; the name of the owner, address of the owner. IP ranges that a certain IP belongs to, contact information like emails and phone numbers, administrators names and server names. You can also just use your targets web site. Sometimes the targets website can reveal way too much information without realizing it, and just by looking at the information they have...
Words: 1233 - Pages: 5
...A network is a group of computers (often called nodes or hosts) that can share information through their interconnections. A network is made up of the following components: Computer systems (nodes or hosts). Network devices that enable connectivity (such as hubs, switches, and routers). The transmission medium provides a path for electrical signals between devices. Network interfaces are devices that send and receive electrical signals. Protocols are rules or standards that describe how hosts communicate and exchange data. Despite the costs of implementation and maintenance, networks actually save organizations money by allowing them to: Consolidate (centralize) data storage Share peripheral devices like printers Increase internal and external communications Increase productivity and collaboration One way to classify networks is based on the role network devices play: Network Type Description Peer-to-peer In peer-to-peer networking (also called workgroups), each computer controls access to its own resources. Security controls on each computer identify who can have access to the computer's resources. Advantages of peer to peer networks include: Easy implementation Inexpensive Disadvantages of peer to peer networks include: Difficult to expand (not scalable) Difficult to support Lack centralized control No centralized storage Windows 7 includes a new feature called a HomeGroup. The HomeGroup is a simple way to create a peer-to-peer network...
Words: 584 - Pages: 3
...Assessment Worksheet Installing a Core Linux Operating System on a Server IS3440 - Linux Security Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview The foundation of host-based security starts with the installation of the operating system (OS). Contrary to popular opinion, there is no such thing as a secure operating system, but in this lab, you learned how to install the Linux CentOS operating system in a secure manner. You created a new virtual machine, partitioned the hard drive, and installed the Linux operating system. You also created a non-root user account and verified that key services were (or were not) running. Lab Assessment Questions & Answers 1. During the Minimal install, NTP (Network Time Protocol) server was not installed. From a security perspective, why is it important for a system to keep accurate time? To keep the system in sync and up to date for logging purposes such as any incidents that occur. Otherwise a time may not be correct when checking logs for an incident. 2. During the install, you set a password for the root user. What is the root user, and when is it appropriate to use this account? The root user is the system administrator. It is only appropriate...
Words: 503 - Pages: 3
...Introduction to Networking SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 56 (34 Theory, 22 Lab) Prerequisite: NT1110 Computer Structure and Logic or equivalent © ITT Educational Services, Inc. All Rights Reserved. -1- 05/08/2013 Introduction to Networking SYLLABUS COURSE SUMMARY COURSE DESCRIPTION This course serves as a foundation for the study of computer networking technologies. Concepts in data communications, such as signaling, coding and decoding, multiplexing, circuit switching and packet switching, OSI and TCP/IP models, LAN/WAN protocols, network devices and their functions, topologies and capabilities are discussed. Industry standards and the development of networking technologies are surveyed in conjunction with a basic awareness of software and hardware components used in typical networking and internetworking environments. MAJOR INSTRUCTIONAL AREAS 1. Networking fundamentals 2. The OSI model and its use in networking 3. LANs, WANs, MANs and their implementation 4. Physical layer fundamentals 5. Basics of the data link layer 6. The functions of TCP/IP 7. IP addressing, subnetting, and supernetting 8. Diagramming the physical components that comprise a network 9. Logic created by the interconnectivity of network components 10. Applying network security 11. Future developments in networking COURSE OBJECTIVES 1. Explain key networking concepts and terminology. 2. Identify the advances in computer networking...
Words: 4795 - Pages: 20
...------------------------------------------------- Graded Assignment Requirements Assignment Requirements documents provided below must be printed and distributed to students as the guidance for completing the assignments and submitting them for grading. Instructors must remind students to retain all handouts and assignment documents issued in every unit, as well as student-prepared documentation and graded deliverables. Some or all these documents will be used repeatedly across different units. Unit 1. Lab 1. Preparing a Virtual Workstation Image Windows 7 Virtual Machine “Keyless” Installation and Re-arm Process Purpose: This section describes the reason for and the procedure to use the “keyless” installation for Windows 7 Professional applicable to our lab environment for IT109/NT1230, and to use the “Re-arm” procedure to extend the trial period to meet our curriculum needs. Background: In installing Windows 7 Professional into a virtual machine in the VMware Player for the labs in our lab environment, if the Product Key for Windows 7 Professional is applied and activated during or at the end of the installation, the installed virtual machine will be authorized to launch only from the physical computer from which it was installed, as Microsoft registers the product key to associate with the hardware identity of the physical computer in their antipiracy database during the activation process. Subsequently, if the virtual machine is launched from a different computer, Microsoft...
Words: 5558 - Pages: 23
...COLLABORATIVE BACHELOR OF SCIENCE IN NURSING PROGRAM (University of Windsor, Lambton College, St. Clair College – Windsor & Thames) Health Assessment NRS 63-166 Fall 2011 Site: St Clair College, Thames Campus Teaching Faculty Linda O’Halloran Phone: 519-354-9714 Ext. 3233 E-mail: lohalloran@stclaircollege.ca Office Hours: Monday’s 1100 – 1200, Tuesday’s 1000 - 1600 or by appointment Course Location Room 118 Course Times: Monday’s 1200 – 1400 – lecture Labs: weekly- either Monday or Tuesday as per your schedule Lab Teaching Instructor Maureen Eyres Andrea Reddam Vanessa Schinkel ©Collaborative BScN Program 2010 ALL RIGHTS RESERVED INTRODUCTION TO COLLABORATIVE BScN PROGRAM Mission Statement As partners, the Faculty of Nursing at the University of Windsor with St. Clair College (Windsor and Thames Campuses) and Lambton College (Sarnia) undertake the shared commitment to excellence in the preparation of Bachelor of Science in Nursing (BScN) candidates who embody our core values and the best elements of the art and science of nursing, education, leadership, research, and practice in their professional journeys. Vision EXCELLENCE in nursing education, practice, and research. Core Values ...
Words: 4870 - Pages: 20
...Week 1 Lab Part 1: Assess the Impact on Access Controls for a Regulatory Case Study Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: 1. Configure user accounts and access controls in a Windows Server according to role-based access implementation 2. Configure user account credentials as defined policy, and access right permissions for each user 3. Create and administer Group Policy Objects for the management of Windows Active Directory Domain machines within the IT infrastructure 4. Apply the correct Group Policy Object definitions per requirements defined by policies and access right permissions for users 5. Assign and manage access privileges as requested in the case study to apply the recommended and required security controls for the user accounts Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what...
Words: 1428 - Pages: 6
...Week 3 Laboratory Week 3 Lab Part 1: Automate Digital Evidence Discovery Using Paraben’s P2 Commander Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Open an existing case file using P2 Commander * Analyze the data in the image and the files saved in the case * Sort and identify evidence file types in a case using Paraben's P2 Commander forensic tool * Use P2 Commander to identify information for potential evidence contained in chat logs such as Skype chat * Analyze the contents of user profiles and data using the P2 Commander browser Week 3 Lab Part 1 - Assessment Worksheet Overview View the Demo Lab available in the Practice section of Learning Space Unit 5 and then answer the questions below. The video will demonstrate the use of Paraben's P2 Commander and outline the different forensics capabilities of the tool. Lab Assessment Questions & Answers 1. When talking about Information Security, what does the 'CIA' stands for? CIA in information security stands for confidentiality, integrity and availability. 2. When would it be a good practice to classify data? It would be a good practice to classify data when you need to extract files from a hard drive or system for investigating in order to accurately organize the findings. 3. What is Security classification? Security classification is the security level assigned to a government document, file...
Words: 635 - Pages: 3
...:Intermediate Spanish I Semester: Fall 2013 Instructor: Dora Berry Office: Jones 217 e-mail: aberry@memphis.edu Office Hours: MWF from 7:15am to 7:45am or MW from 11:30am to 12:30 by appointment TR from 7:15am to 8:30am or TR from 1pm to 1:30pm by appointment SCHEDULE OF CLASSES (Classes meet 2x a week (T TH) for 1 hr. 25 minutes) Día T 8/27 Objetivos Learn terms for rooms in a house, common household objects, and chores Make recommendations, make polite requests & organize work Learn rules for capitalization in Spanish Combine sentences using relative pronouns Give orders or advice to people you address with tú En clase First day of classes (Drop/Refund Deadlines) Introduction to course / Syllabus overview Lección 12: Introduction, p. 403 Contextos, pp. pp. 404– 407 Fotonovela, pp. 408–410 Ortografía, p. 411 Estructura 12.1 Relative pronouns, pp. 414–417 Estructura 11.1 Familiar commands, pp. 378–381 Tarea para la próxima clase -Supersite: Lección 12 Estructura 12.1 Practice, Workbook, and Lab Manual activities Estructura 11.1 Practice, Workbook, and Lab Manual activities TH 8/29 -Supersite: Lección 12 Estructura 12.2 Practice, Workbook, and Lab Manual activities Estructura 12.3 Practice, Workbook, and Lab Manual activities [Flash cultura: Practice activities] M 9/2 T 9/3 LABOR DAY: NO CLASS Give orders or advice to people you address with usted or ustedes Express attitude towards hypothetical or uncertain events, actions...
Words: 1839 - Pages: 8
...Documentation LAB 2 Introduction In this lab, you will learn how to use several different applications and interfaces to identify and document an IP network design and schema. Chief among these is PuTTY, which you used in Lab #1. The primary use of PuTTY is to establish Telnet and SSH sessions to remote servers. You will use PuTTY to collect information about those resources. You will also use Wireshark to capture packet data from the sessions you establish with PuTTY. Learning Objectives Upon completing this lab, you will be able to: • Develop a plan for identifying and documenting the logical IP network design and IP addressing schema based on data collected from Lab #1 • Use PuTTY to establish Telnet and SSH to the IP addresses of the identified interfaces on Cisco routers, switches, and firewalls • Use Cisco show commands to display the MAC-layer addresses of Ethernet ports, IP addressing schema, and subnet mask addressing used throughout the IP networking infrastructure • Document the MAC addresses and IP addresses of the IP networking infrastructure • Document the IP host addresses of the VM server farm hosts TOOLS AND SOFTWARE USED NAME Wireshark PuTTY Cisco IOS MORE INFORMATION http://www.wireshark.org/ http://www.chiark.greenend.org.uk/~sgtatham/putty/ http://www.cisco.com/warp/cpropub/45/tutorial.htm 17 38504_LMxx_Lab02.indd 17 8/30/12 7:51 PM 18 LAB #2 | Network Documentation Deliverables Upon completion of this lab, you are required...
Words: 1982 - Pages: 8
...Information Systems and Technology Faculty of Engineering & Information Sciences Head of School Associate Professor Rajeev Sharma, Student Resource Centre, Tel: (02) 4221 3491 ISIT114 Object Oriented Programming Subject Outline Spring Session 2014 Consultation Times: Subject Coordinator Telephone Number: Email: Location: Dr. Sifer's consultation times during session: Day Monday Wednesday Subject Organisation: Session: Credit Points Contact hours per week: Lecture Times & Location: Tutorial Day, Time and Location can be found at: Spring Session, Wollongong Campus 6 credit points 2 Hours Lec, 2 Hours Lab Wed 10:30-12:30 67-104 http://www.uow.edu.au/student/timetables/index.html Time 9:00 - 11:00am 1:30 - 3:30pm Dr Mark Sifer 4221 4919 msifer @uow.edu.au 39.219 Students should check the subject's web site regularly as important information, including details of unavoidable changes in assessment requirements will be posted from time to time via MOODLE http://www.uow.edu.au/student/ . Any information posted to the web site is deemed to have been notified to all students. Subject Description: The aims of this subject are to consolidate and extend student's knowledge and skills in structured programming and to introduce them to the concepts and practice of object oriented programming. To achieve this aim the subject will provide students with an opportunity to develop further programming skills and good coding style; develop skills in using the object-oriented concepts of inheritance, encapsulation...
Words: 2995 - Pages: 12
...Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what does it mean? Discretionary access control List (DACL) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong 2. Why would you add permissions to a group instead of the individual? It is more resourceful and less time consuming. 3. List at least 3 different types of access control permissions available in Windows. Full Control, Modify, Execute, Read, Write 4. What are the least permissions that you need in order to view the contents of a folder? Read, so the user has access to any file on the system that they are entitled to, but they are not able to make any changes. 5. What are other available Password Policy options that could be enforce to improve security? ...
Words: 1093 - Pages: 5
...components of information systems and demonstrates applications of information systems in business. Students are provided with sophisticated knowledge and necessary skills of information technology. Principles of Information Technology is a course that will provide students with computer skills necessary to be successful in “real world” personal and business situations. Students will use Microsoft Office to learn word processing, desktop publishing, presentation software, spreadsheets, and databases. COURSE OUTCOMES On completion of the course, students will be able to: 1. Demonstrate an understanding of basic information technology concepts and principles 2. Describe major components of information systems 3. Discuss business applications of information systems 4. Use Office application software and apply the computer skills effectively METHODS OF TEACHING Lectures and tutorials/lab practices INSTRUCTIONAL MATERIALS Major Reference Texts: |Author |Date |Title/ISBN |Publisher | |Gary B. Shelly and Misty|2009...
Words: 1347 - Pages: 6
