Lab #2: Managing Host Based Security
Purpose: To develop and verify system administration and vulnerability management procedures which implement host based security capabilities for Windows 8.1
Objectives
1. Develop systems administration procedures to configure and manage host-based security capabilities (firewall and anti-virus/anti-malware).
2. Develop systems management procedures to scan for and remediate software and configuration vulnerabilities in Windows 8.1 systems.
Overview
In this lab, our focus is upon implementing and managing host-based security for Windows 8.1 systems using the following tools:
· Windows Defender
· Windows Firewall
· Microsoft Baseline Security Analyzer (MBSA)
Note: Windows Defender and Windows Firewall are found under Control Panel. MBSA can be found using Windows Search (Windows Key + R).
For each tool, you will research and then write a step-by-step procedure to configure the tool according to security best practices for Windows 8.1 hosts. Each of these tools can be used as part of an overall information security vulnerability management business process.
You will write three separate procedures for this lab:
(a) Managing Windows Defender
(b) Managing Windows Firewall
(c) Managing Vulnerabilities using Microsoft Baseline Security Analyzer
Each procedure will have the following major sections (see Figure 1):
· Title:
· Operating Environment:
· Description:
· Notes, Warnings, & Restrictions:
· Resources (Further Reading):
· Procedures:
Some procedures will contain a large number of steps. To make the procedures easier to read, you should divide your procedures into groups of related steps. Place a group heading (e.g. Scanning for Threats) at the beginning of each group. Each group heading should be followed by a brief paragraph that explains the purpose of the group (e.g. This group (or “section”) contains step by step instructions for running scans using Windows Defender….)
Title:
Operating Environment:
1. Hardware
2. Software
Description:
Notes, Warnings, & Restrictions:
Resources (Further Reading):
1.
2.
3.
Procedures:
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
InstructionsPart (a): Managing Windows Defender
1. Investigate the use of Windows Defender to protect a Windows 8/8.1 system against viruses, spyware, and other forms of malware. Your investigation should include researching best practices for configuring and using host-based anti-malware software.
2. Develop step by step procedures to implement best practices for protecting a Windows 8/8.1 system from malware. At a minimum, your procedures must accomplish the following:
a. Update anti-virus definition files
b. Configure real-time scanning
c. Full system scanning
d. Fast or quick scan for high vulnerability areas of the system
e. Removable media scanning
f. Reviewing scan results including reviewi ...
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Lab #2 Managing Host Based Security Purpose To develop .docx
1. Lab #2: Managing Host Based Security
Purpose: To develop and verify system administration and
vulnerability management procedures which implement host
based security capabilities for Windows 8.1
Objectives
1. Develop systems administration procedures to configure and
manage host-based security capabilities (firewall and anti-
virus/anti-malware).
2. Develop systems management procedures to scan for and
remediate software and configuration vulnerabilities in
Windows 8.1 systems.
Overview
In this lab, our focus is upon implementing and managing host-
based security for Windows 8.1 systems using the following
tools:
· Windows Defender
· Windows Firewall
· Microsoft Baseline Security Analyzer (MBSA)
Note: Windows Defender and Windows Firewall are found
under Control Panel. MBSA can be found using Windows
Search (Windows Key + R).
For each tool, you will research and then write a step-by-step
procedure to configure the tool according to security best
practices for Windows 8.1 hosts. Each of these tools can be
used as part of an overall information security vulnerability
management business process.
You will write three separate procedures for this lab:
2. (a) Managing Windows Defender
(b) Managing Windows Firewall
(c) Managing Vulnerabilities using Microsoft Baseline Security
Analyzer
Each procedure will have the following major sections (see
Figure 1):
· Title:
· Operating Environment:
· Description:
· Notes, Warnings, & Restrictions:
· Resources (Further Reading):
· Procedures:
Some procedures will contain a large number of steps. To make
the procedures easier to read, you should divide your
procedures into groups of related steps. Place a group heading
(e.g. Scanning for Threats) at the beginning of each group. Each
group heading should be followed by a brief paragraph that
explains the purpose of the group (e.g. This group (or “section”)
contains step by step instructions for running scans using
Windows Defender….)
Title:
Operating Environment:
1. Hardware
2. Software
Description:
Notes, Warnings, & Restrictions:
Resources (Further Reading):
1.
2.
3. 3.
Procedures:
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
InstructionsPart (a): Managing Windows Defender
1. Investigate the use of Windows Defender to protect a
Windows 8/8.1 system against viruses, spyware, and other
forms of malware. Your investigation should include
researching best practices for configuring and using host-based
anti-malware software.
2. Develop step by step procedures to implement best practices
for protecting a Windows 8/8.1 system from malware. At a
minimum, your procedures must accomplish the following:
a. Update anti-virus definition files
b. Configure real-time scanning
c. Full system scanning
d. Fast or quick scan for high vulnerability areas of the system
e. Removable media scanning
f. Reviewing scan results including reviewing any quarantined
files or detected malware
3. As you run your tests, collect screen snapshots to illustrate
key steps in your procedures. (Use the snipping tool on your
4. local PC to snapshot portions of the VDA browser or client
window.) Insert these snapshots at the appropriate points in
your procedure. The snapshots must show the procedures as run
in the VDA environment.
4. Incorporate your screen snapshots for key steps into the draft
procedures. Each snapshot should be placed UNDER (after) the
step to which it applies. Captions are not required.
5. Make any additional changes required to address issues found
during testing of the step-by-step procedures.Part (b): Managing
Windows Firewall
1. Investigate the use of Windows Firewall to protect a
Windows 8/8.1 system from network-based intrusions or
attacks.
2. Identify appropriate sources of information (e.g. Windows
Help, Microsoft Technet, etc.) for instructions for configuring
Windows Firewall for Windows 8/8.1. Using those sources,
research the procedures required to perform the following tasks:
a. Use “Allow an app or feature through Windows Firewall” to
allow an application to communicate externally (send/receive
data via a network connection)
b. Use Advanced Settings to configure Windows Firewall to
allow or block network access by software applications,
utilities, and operating system components
3. Develop a systems administration procedure for Windows
Firewall which can be used to allow a new application to
communicate externally using the network connection. Use
Internet Explorer as your example application. (Use the “Allow
another app …” button from the “Allow an app or feature …”
menu item.)
4. Develop a systems administration procedure for Windows
Firewall which can be used to allow or block a Windows 8/8.1
application, capability, or feature using the “Advanced
Settings” menu item. Use “remote assistance” as your example
capability to be blocked.
5. As you run your tests, collect screen snapshots to illustrate
key steps in your procedures. (Use the snipping tool on your
5. local PC to snapshot portions of the VDA browser or client
window.) Insert these snapshots at the appropriate points in
your procedure. The snapshots must show the procedures as run
in the VDA environment.
6. Incorporate your screen snapshots for key steps into the draft
procedures. Each snapshot should be placed UNDER (after) the
step to which it applies. Captions are not required.
7. Make any additional changes required to address issues found
during testing of the step-by-step procedures.Part (c): Manage
Vulnerabilities Using Microsoft Baseline Security Analyzer
(MBSA)
Note: Before running MBSA, launch Internet Explorer to
complete the “run once” setup. (This is a VDA requirement and
should not be part of your procedure.) For some “drill down”
links in the scan reports, MBSA launches Internet Explorer to
display additional information (i.e. “How to correct this”).
1. Investigate the use of MBSA to detect vulnerabilities in a
Windows 8/8.1 system
2. Identify appropriate sources of information (e.g. Windows
Help, Microsoft Technet, etc.) for instructions for configuring
MBSA to scan a Windows 8/8.1 system. Using those sources,
research the procedures required to perform the following tasks:
a. Configure MBSA to scan a system for vulnerabilities
including:
i. Check for Windows administrative vulnerabilities
ii. Check for weak passwords
iii. Check for Internet Information Services (IIS) administrative
vulnerabilities
iv. Check for SQL administrative vulnerabilities
v. Check for security updates (missing updates)
b. Use MBSA to scan a system
c. View reports from scans including reviewing individual
vulnerabilities as reported by MBSA
d. Copy, save and print scan reports
3. Develop a systems administration procedure to accomplish
the tasks listed in item #2. Note: your procedure should only
6. apply to scanning the local host (the computer that MBSA is
installed on). Do not include scanning multiple systems or
scanning a remote target host.
4. As you run your tests, collect screen snapshots to illustrate
key steps in your procedures. (Use the snipping tool on your
local PC to snapshot portions of the VDA browser or client
window.) Insert these snapshots at the appropriate points in
your procedure. The snapshots must show the procedures as run
in the VDA environment.
5. Incorporate your screen snapshots for key steps into the draft
procedures. Each snapshot should be placed UNDER (after) the
step to which it applies. Captions are not required.
6. Make any additional changes required to address issues found
during testing of the step-by-step procedures.Finalize Your
Deliverable
1. Using the grading rubric as a guide, refine your step-by-step
procedures. Your final products should be suitable for inclusion
in an organization’s Systems Administrator’s Handbook.
Remember that you are preparing multiple procedures which
must be presented separately.
2. As appropriate, cite your sources using footnotes or another
appropriate citation style.
3. Use the resources section to provide information about
recommended readings and any sources that you cite. Use a
standard bibliographic format (you may wish to use APA since
this is required in other CSIA courses). Information about
sources and recommended readings, including in-text citations,
should be formatted consistently and professionally.
Additional Requirements for this Lab
1. Your target audience for these procedures will be Windows
8/8.1 SYSTEM ADMINISTRATORS. Do not write procedures
for home users or individuals using their own computers.
2. Your step-by-step procedures should tell the reader where to
find and how to launch the systems administration tools or
applications used to change security configuration settings.
7. 3. It is not necessary to specify every step that a system
administrator must take to properly configure and run the
software. But, you must address each major security
configuration change separately and include enough detail that
your reader will understand how to perform the required steps
to implement each change.
4. Use screen snapshots to cue the reader to important steps or
provide information required to complete check points for
proper completion of a step or set of steps (e.g. including a
snapshot which shows the “after” state for a group of security
settings).
5. Make sure that your snapshots will enhance the reader’s
understanding of the procedure and required configuration
changes. Too many snapshots or illustrations can make a
procedure difficult to use.
6. All snapshots must be created by you for this lab using screen
captures showing how you personally performed (tested) the
systems administration procedure as written by you. You may
not copy and paste images from help pages, manuals, or the
Internet.
7. Images (screen snapshots) should be cropped and sized
appropriately.
8. A screen snapshot belonging to a specific procedure step does
not require a caption.
9. Make sure that the sources you cite or recommend (additional
reading) are authoritative and are the best ones available.
10. Your Operating Environment section should identify the
hardware, operating system, and/or software applications to
which the procedure applies. For this lab, your procedures will
apply to:
a. Hardware: Laptop or Desktop Computers
b. Operating System: Windows 8.1 Professional
11. The Notes, Warnings, & Restrictions section should include
important information that is not found elsewhere in the
procedures document. For example, this section could include
information about alternatives to the selected security
8. configuration settings. Or, this section could include
information about related security procedures or policies. This
section should also include important information about harm or
risk that could occur if the procedure is not correctly followed
or implemented. If there are no such warnings then this section
should so state.
12. The procedures that you write for this lab will become part
of the final project for this course (System Administration
Manual).
· Project: Draft of Client System Role Play Script
So far in this course, you have examined the three levels of
social work practice: micro, mezzo and macro. You also have
explored how the GIM steps and specific practice skills apply to
each level of practice. In order to demonstrate your
understanding of these concepts, you will develop a script of a
client session that represents the techniques you might use to
implement the GIM steps and practice skills. This script may
depict a client interaction that represents any step in the GIM.
For example, you might choose to show an initial encounter
where you exhibit engagement and assessment skills. Maybe
you might choose to show a glimpse into a session where
intervention has become necessary for a client you have seen
several times. Or you might plan and then execute a meeting to
either evaluate a client’s treatment or terminate the relationship
with a client. Later in this course, you will record a video of a
role play based on this script.
For this assignment, use the Role Play Script Template provided
in this week’s Resources, to draft and submit your role play
script for Instructor approval and feedback.
Role Play Script (2–5 pages):
Your role play script should include:
9. · A description of the client system (depending on the client
level you selected—micro, mezzo or macro).
· An explanation of the presenting concern
· A description of the client session scene in which you
implement the GIM step and practice skills you have selected
for working with this client system.
· A detailed description of the actual dialogue that takes place
between you, as the social worker, and the client(s). Note that
the dialogue should depict the techniques you would use to
implement the GIM step and the practice skills you selected for
the client interaction.
· A description of the visual cues that both the social worker
and the client might exhibit during the interaction that support
the GIM step and practice skills you selected.
· An explanation of the techniques you might use to implement
the GIM step and practice skills you selected and why.
Submit your role play script by Day 7 of Week 5.
Note to Students: Your role play script will not be graded
until Week 11. However, you are required to turn it this week
for feedback and approval.
To submit your Project, do the following:
· Save your Project as a “.doc” file with the filename
“WK5Proj+last name+first initial.doc”. For example, Sally
Ride’s filename would be “WK5ProjRideS.doc”.
· To upload your Projects, click on Projects on the course
navigation menu, and then click the “Project Turnitin – Week 5”
link.
· Looking Ahead
Week 9 Final Project: Client System Role Play Video
This is the analysis of the role play script. Need a script for
this analysis
Week 9 Project: Client System Role Play Video
Role Play Video Analysis
I was able to perform a role-playing session as a social worker.
10. I had different experiences as a social worker as portrayed in
the role-playing session. The experience sought to facilitate the
social welfare affecting the communities and individuals. A
social worker carried out in the role playing is seen to aid in the
promotion of social change while focusing on development and
empowerment of the different persons who require help from
the social workers. The whole process involved application and
implementation of the theories of social science carefully
guided by the various principles of social justice as well as
human rights and freedoms that people are entitled.
As a social worker, there is a lot of engagement with the people
at personal levels hence the need for respect for the differences
between the unique individuals I had to deal with in the role-
playing sessions. As a generalist during the sessions, core
competencies are seen as possible needs for the different fields
I saw that could apply in different areas. The practices of a
social worker showed me the various areas a social worker can
lend his expertise just from the role-playing sessions. The role-
playing sessions show that the skills of a social worker can
easily be transferred in multiple settings such as child
protection, prisons and other correctional facilities, women’s
rights, management of social rejection and social anxiety,
morality, and behavior therapy.
From the role-playing sessions, I was able to gain a few skills
and insights that are related to the work I was doing as a social
worker in the sessions. I was able to learn that as a social
worker, the ability to empathize with the different clients that a
social worker deals with during the session. Intellectual and
emotional empathy is necessary for a social worker to be able to
understand the issues or challenges an individual is
experiencing thus helping the social worker to solve the
problems they are experiencing (Cournoyer B. R., 2016).
Empathy helps with the identification with another person’s
situation. The other skill that I learned from the role-playing
session is that of active listening.
The role-playing session offered a chance improve my listening
11. skills since listening carefully is one of the skills that is
necessary for the counseling aspect of social work. Active
listening supports the good communication skills a social
worker gain during his or her time as a social worker
(Cournoyer B. R., 2016). I was able to understand that active
listening assisted me in the establishment of trust and hence the
discovery of necessary and valuable details about the people
who need assistance from a social worker. The role-playing
sessions offered me insights on the social perceptiveness. As a
social worker, I was able to improve various skills that relate to
social perceptiveness.
As a social worker, I improved my skills on deciphering social
cues, body language and the cultural patterns of behavior that
the clients exhibit during their interactions with myself as a
social worker. I was able to learn how to ‘read between the
lines’ hence gaining skills in the interpretation of thoughts,
emotions, and feelings an individual might be experiencing
while talking to me as a social worker. As a social worker in my
role-playing session, I was a facilitator of the support group. As
a moderator, I could gain skills in organizations since I had a
workload in dealing with scheduling and dealing with the
paperwork involved as a social worker. I was able to learn the
organization skills needed for the job as a social worker (Dean
H. Hepworth, 2009).
There are several challenges I experienced during the planning
and execution of the role-playing session. One problem, I
experienced during the execution of the role play w s that I was
faced with a bigger workload accompanied with limited
resources. There was a lot of paperwork involved in the
implementation of my role as a social worker to ensure the
accuracy of the role-playing sessions. The role play sessions
required the participation of many individuals with different
types of caseloads to improve the authenticity of the session.
The other issue I faced during planning and executing the role-
playing sessions is the stress that is related to playing my role
as a social worker. Since I listened to many different problems,
12. I was mildly affected by the problems I listened to.
The issues that I was exposed to offer a sense of emotional
depletion because of hearing the many cases of the different
forms of suffering. The manner in which I had to be in touch
with my character required a lot of commitment which led to the
challenge of stress during the whole time taken for the role-
playing session. The other challenged I faced was that I lacked
many different actors who could be part of the clients who
would offer me problems or cases that I would undertake as a
social worker. The lack of many different actors put a strain on
the few actors to take multiple roles as individuals experiencing
problems.
I used multiple techniques as a social worker as I did my role-
playing session. One method I used was paying attention to the
clients during the role play. I paid attention by taking notes of
the issues affecting customers as a way of ensuring that I was
able to listen effectively. Good listening was necessary to make
sure that I could establish trust and respect (George Palattiyil,
2015). I used the technique also to be able to understand the
specific challenges that the clients are facing and devise ways
to overcome those challenges. The other technique I employed
during the role play sessions was critical thinking. Critical
thinking is an evaluation and close analysis of all the variables
and domains of the lives of the problems of the clients in the
role-play sessions.
Being able to think on my feet while employing the use of
creativity so as to effectively and efficiently support the clients
as a qualified social worker. The other skill applied for the role-
playing session is tolerance. Social workers require handling a
diverse set of clients and challenges they are facing. I needed to
be tolerant by being culturally responsive when dealing with
clients who come from the various socio-economic, racial and
ethnic communities in the role play sessions. Tolerance is a
necessary component as it helps promote understanding between
the social worker and the clients that they are dealing with
during a session (Dominelli, 2010). Tolerance also develops
13. respect among the people at the created workplace during the
role play.
The other technique I used for the role play was the ability to
enable cooperation among the people who were in the group that
was used for the role play. The technique was important since
as part of the job of a social worker, one is required to make the
individuals who are reluctant to work with others, to work in
the group and do it well. When the people work together in the
group, more positive results can be achieved from the whole
process carried out as a social worker. The other technique
used for the role play exercise was development and the
understanding of the human psychology. An understanding of
the human psychology was necessary to understand how the
minds of the clients work.
The role play video selected is a video that features my
colleague using several skills to deal with several social
problems that are caused by alcoholism. My colleague uses the
social worker general practices to define the different methods
of handling the challenges and issues that stem from the use and
abuse of alcohol and other alcoholic substances. In the video,
my colleague acts as underpins the various theories of social
sciences as a generalist social worker dealing with an alcoholic
anonymous group.
There are several things that my colleague did well in his role
play video. Firstly, there was a good use of verbal and written
communication skills. My colleague was able to express himself
using a broad range of communication skills so as to be able to
interact with the different sets of clients in his role play video
in the variety of contexts that were seen in the video. My
colleague was also effective in his application and
implementation using active listening skills. My colleague, in
his video, was able to listen to the clients and seek
clarifications where necessary showing a degree of
understanding while working in the role play video.
I would, however, improve the sense of empathy. My colleague
did not show any empathy towards the clients in the role play
14. video. He did not seem to fully understand the challenges they
were facing and hence had a lot of difficulty in attempting to
help his clients with their different problems. My colleague did
not also seem to have a firm grip on knowledge on human
psychology. My colleague showed deficiencies in his approach
on how much he understood the psychoanalysis of the people.
My partner did not understand the minds of many people
according to the role play video hence giving him difficulty in
handling the issues.
References
Cournoyer, B. R. (2016). The Social Work Skills Workbook.
Cengage Learning.
Dean H. Hepworth, R. H.-G. (2009). Direct Social Work
Practice: Theory and Skills. Cengage Learning.
Dominelli, L. (2010). Social Work in a Globalizing World.
Polity.
George Palattiyil, D. S. (2015). Social Work in a Global
Context: Issues and Challenges. Taylor