Student Name Date SEC450 IPSec VPN Lab Report NOTE: Use carriage returns and page breaks as needed to prevent table contents from extending across page boundaries. Task 1—Configure a Site-to-Site IPSec VPN on the Dallas Router Which IKE (isakmp) policy would have the highest priority—100 or 200? 100 What authentication options are available? rsa-sig, rsa-encr, pre-share What encryption options are available? 3des, des, aes, aes 192, aes 256 What are the Diffie-Hellman group options available on most IOS Firewall routers?
Chkdsk: This tool checks the integrity of the harddrives in your machine this tool can check and correct errors found on the local harddrive. The tool can be launched from a command prompt by opening the command prompt and typing in chkdsk. Chkdsk has many options such as chkdsk /f. This command will fix the errors found when you run just the standard chkdsk this only report the status of the harddrive. Next tool on our list is the disk defragmenter tool.
Having beep codes to help decipher the problem makes the repairs easier. The hard disk is busy when performing a cold boot because it is testing all of the hardware. With a cold boot, the BIOS verifies RAM by performing a read/write test of each memory address. It checks for a keyboard, mouse and for a (PCI) bus and, if it finds one, checks all the PCI cards. If the BIOS finds any errors during the POST, it will notify you by a series of beeps or a text message displayed on the screen.
Increase fault tolerance by splitting DHCP scopes. 2. Balance the load on your DHCP server by using the 80/20 rule for scopes 3. Allow remote administration of DHCP servers by comfiguring windows Firewall ports. | Question 4 | What is the name of the computer you are working from?
I rate these probes like this as they are the detection methods used by hackers to enter a network; they are not the attack themselves. References Gregory M. (Chip) Pyles Jr., Ping sweeps and port scans (n.d.) retrieved from http://gregorympyles.wordpress.com/information-systems/case-studies/ping-sweeps-and-port-scans/ Teo, L. (2000, December 01). Network probes explained: understanding port scans and ping sweeps. Retrieved from
Research Assignment II: 1. What is the purpose of the Global Names Zones in Windows Server 2008 DNS Servers? The Global Names Zones is a new function from Windows Server 2008 which offers an organization move to a DNS only environment, eliminating the need of having a WINS Server in the network. If an user request a resource in the NETBIOS Name by adding only the Domain Suffix, the request is send to the DNS Server. If the Global Name Zone had the name, it will respond back to the user but if it doesn’t had the query then the authoritative zone will check for the name.
Matching 1) Multi-factor authentication uses : Passwords plus smartcards 2) These are potentially destructive software: Malware 3) Automated password guessing is known as : Brute force 4) What is the standard for smart card support : PIV 5) Decrypts data encrypted with a certificate: Private Key 6) Standard for fingerprint scanners and other devices: Windows Biometric Framework 7) Windows authorization mechanism: User rights 8) What firewall rule requires IPsec: Authenticated exception 9) This key is stored in a digital certificate: Public key 10) Firewall exceptions are called: Rules Multiple Choice 1) Which of the following account lockout policy modifications could you make to ensure that user passwords cannot be intercepted by analyzing captured packets? Disable the Store Passwords Using Reversible Encryption policy. 2) Which of the following mechanisms is most often used in firewall rules to allow traffic on to the network? Port Numbers 3) Which of the following NTFS features is incompatible with EFS encryption? Compression 4) Which of the following command-line parameters will prevent a program executed using Runas.exe from accessing the elevated user’s encrypted files?
Copy and paste your public key below. [Exercise III: Public key encryption] If you encrypt a file using your classmate’s public key, the file and the public key file can be sent over public Internet and your classmate can decrypt the file using their own private key without anyone knows their private key. 1. Partner with one of your classmates. Exchange your public key file (YourLastName_public.asc) with your partner through an email or a thumb drive.
| 17. Take a screen shot of the Group Policy Management console displaying all of the policy settings you configured in this exercise by pressing Alt+Prt Scr and then paste the resulting image into the Lab 8 worksheet file in the page provided by pressing Ctrl+V. Exercise 7.2 | Testing Internet Explorer Policies | Overview | In this exercise, you will confirm the Internet Explorer settings that are configured with a GPO are deployed to a client computer. | Mindset | When troubleshooting problems, you will need to ensure that settings that you configure with a GPO are actually deployed to the clients. |
IS3340-windows security | Evidence Collection Policy | Unit 9 Assignment 1 | | | 5/22/2014 | | During the process of collecting digital evidence, the investigator will ensure that the data remains intact and unaltered. For later proof that evidence hasn't been tampered with, they will calculate and record a cryptographic hash of an evidence file, to be compared to the original as proof that the evidence has not been modified. He will further assure the integrity of digital evidence by imaging computer media with a write blocking tool, establishing a chain of custody and documenting everything done to the evidence. He will examine a computer's RAM for evidence prior to powering it down, as some digital evidence may be