4. Instructor Name:
_____________________________________________________
_________
Lab Due Date:
_____________________________________________________
___________
Overview
In this lab, you created and linked Active Directory Group
Policy Objects (GPO) to
domain computers and used the Group Policy Manager Console
(GPMC) to deploy
security policies across the domain. You also generated policy
audit reports from the
GPMC and the Windows Command Prompt to analyze the
existence of and effectiveness
of the GPO.
Lab Assessment Questions & Answers
1. Is using the option to Store passwords using reversible
encryption a good security
practice? Why or why not?
2. Compare the GPO Report and the RSOP Report.
7. anti-malware software tool,
to identify malware and malicious software from an infected
Windows 2012 workstation.
You researched remediations for the malware identified by the
scan, and took actions to
remove those programs. You also used Windows Defender to
perform the same actions
on a Windows 2008 workstation.
Lab Assessment Questions & Answers
1. What is the one thing that a virus, a worm, spyware, and
malicious code have in
common? What are the differences among these three threats: a
virus, a worm,
and spyware?
2. How often should you update your antivirus protection?
3. Why is it a best practice to have and to carry an antivirus
boot-up disk or CD?
4. In a corporate environment, should new antivirus definitions
be installed as soon
as they are available?
10. folders on a Windows Server 2012 machine. You documented
the success or failure of
your encryption efforts. You also installed Microsoft BitLocker
Drive Encryption, a data
protection feature that is used to resist data theft and the risk of
exposure from lost,
stolen, or decommissioned computers. You encrypted a data
drive on the remote server
and decrypted it using a recovery key.
Lab Assessment Questions & Answers
1. Within a Microsoft Windows Server 2012 environment, who
has access rights to
the EFS features and functions in the server?
2. What are some best practices you can implement when
encrypting BitLocker
drives and the use of BitLocker recovery passwords?
3. What was the recovery key generated by BitLocker in this
lab?
4. How would you grant additional users access rights to your
EFS encrypted folders
and data files?
12. on Windows Systems
Course Name and Number:
_____________________________________________________
Student Name:
_____________________________________________________
___________
Instructor Name:
_____________________________________________________
_________
Lab Due Date:
_____________________________________________________
___________
Overview
In this lab, you used the Windows command-line utility,
icacls.exe, to establish file-level
permissions following a set of access control requirements. You
tested those permissions
by remotely accessing the Windows server and attempting to
modify files in the secured
folders. You used screen captures to document that the access
control changes you made
in this lab were properly applied.
Lab Assessment Questions & Answers
1. What is the principle of least privilege?
15. Instructor Name:
_____________________________________________________
_________
Lab Due Date:
_____________________________________________________
___________
Overview
In this lab, you used the Active Directory Domain Controller to
secure the C-I-A triad,
ensuring confidentiality and integrity of network data. You
created users and global
security groups and assigned the new users to security groups.
You followed a given set
of access control criteria to ensure authentication on the remote
server by applying the
new security groups to a set of nested folders. Finally, you
verified that authentication by
using the new user accounts to access the secured folders on the
remote server.
Lab Assessment Questions & Answers
1. Relate how Windows Server 2012 Active Directory and the
configuration of
access controls achieve C-I-A for departmental LANs,
departmental folders, and
data.
17. third-party individuals, etc.), what security controls do you
recommend
implementing to maximize CIA of production systems and data?
7. In the Access Controls Criteria table, what sharing changes
were made to the
MGRfiles folder on TargetWindows01-DC server?
8. In the Access Controls Criteria table, what sharing changes
were made on the
TargetWindows01-DC server to allow Shopfloor users to
read/write files in the
C:LabDocumentsSFfiles folder?
9. In the Access Controls Criteria table, what sharing changes
were made on the
TargetWindows01-DC server to allow HumanResources users to
read/write files
in the C:LabDocumentsHRfiles folder?
10. Explain how C-I-A can be achieved down to the folder and
data file access level
for departments and users using Active Directory and Windows
Server 2012 R2
access control configurations. Configuring unique access
controls for different
18. user types is an example of which kind of access controls?
Course Name and Number: Student Name: Instructor Name: Lab
Due Date: Text73: Text74: Text75: Text76: Text77: Text78:
Text79: Text80: Text81: Text82: