CompTIA CSA+ Study Guide - Mike Chapple - Page 21

Chapter 1
Defending Against Cybersecurity Threats
Lab Exercises


Activity 1.1: Create an Inbound Firewall Rule

In this lab, you will verify that the Windows Firewall is enabled on a server and then create an inbound firewall rule that blocks file and printer sharing.

This lab requires access to a system running Windows Server 2012 or Windows Server 2012 R2.

Part 1: Verify that Windows Firewall is enabled

1. Open the Control Panel for your Windows Server.

2. Choose System And Security.

3. Under Windows Firewall, click Check Firewall Status.

4. Verify that the Windows Firewall state is set to On for Private networks. If it is not on, enable the firewall by using the “Turn Windows Firewall on or off” link on the left side of the window.

Part 2: Create an inbound firewall rule that blocks file and printer sharing

1. On the left side of the Windows Firewall control panel, click “Allow an app or feature through Windows Firewall.”

2. Scroll down the list of applications and find File And Printer Sharing.

3. Uncheck the box to the left of that entry to block connections related to File And Printer Sharing.

4. Click OK to apply the setting.

Note: You should perform this lab on a test system. Disabling file and printer sharing on a production system may have undesired consequences.
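The same two parts can be scripted, which also leaves a record of what changed. The following PowerShell is an added example, not part of the book's lab; it assumes an elevated prompt, an English-language install (so the display group is named "File and Printer Sharing"), and a backup file path chosen here for illustration.

```powershell
# Added example: scripted form of Activity 1.1. Run elevated, on a test system.
$group  = 'File and Printer Sharing'              # display group name (English install)
$backup = Join-Path $env:TEMP 'fps-rules-before.csv'   # illustrative backup path

# Part 1: verify the Private profile is on; enable it if it is not.
$private = Get-NetFirewallProfile -Name Private
if ($private.Enabled -ne 'True') {
    Set-NetFirewallProfile -Name Private -Enabled True
    Write-Output 'Private profile was off; it has been enabled.'
} else {
    Write-Output 'Private profile is already on.'
}

# Part 2: find the inbound rules in the group that are currently enabled.
$enabledInbound = Get-NetFirewallRule -DisplayGroup $group |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' }

# Save their names first so the change can be reverted later.
$enabledInbound |
    Select-Object Name, DisplayName, Profile |
    Export-Csv -Path $backup -NoTypeInformation

# Disable them; with no allow rule in effect, the profile's default
# inbound action decides what happens to this traffic.
$enabledInbound | Disable-NetFirewallRule

# Check the effective policy. ActiveStore includes rules delivered by
# Group Policy, which a local change cannot disable.
$stillOn = Get-NetFirewallRule -DisplayGroup $group -PolicyStore ActiveStore |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' }

if ($stillOn) {
    Write-Warning "Inbound rules still enabled in '$group' (check Group Policy):"
    $stillOn | Select-Object DisplayName, Profile, PolicyStoreSource
} else {
    Write-Output "No enabled inbound rules remain in '$group'."
}

# To revert on the test system:
# Import-Csv $backup | ForEach-Object { Enable-NetFirewallRule -Name $_.Name }
```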

Activity 1.2: Create a Group Policy Object

In this lab, you will create a Group Policy Object and edit its contents to enforce an organization’s password policy.

This lab requires access to a system running Windows Server 2012 or Windows Server 2012 R2 that is configured as a domain controller.

1. Open the Group Policy Management Console. (If you do not find this console on your Windows 2012 Server, it is likely that it is not configured as a domain controller.)

2. Expand the folder corresponding to your Active Directory forest.

3. Expand the Domains folder.

4. Expand the folder corresponding to your domain.

5. Right-click the Group Policy Objects folder and click New on the pop-up menu.

6. Name your new GPO Password Policy and click OK.

7. Right-click the new Password Policy GPO and choose Edit from the pop-up menu.

8. When Group Policy Editor opens, expand the Computer Configuration folder.

9. Expand the Policies folder.

10. Expand the Windows Settings folder.

11. Expand the Security Settings folder.

12. Expand the Account Policies folder.

13. Click on Password Policy.

14. Double-click Maximum password age.

15. In the pop-up window, select the Define This Policy Setting check box and set the expiration value to 90 days.

16. Click OK to close the window.

17. Click OK to accept the suggested change to the minimum password age.

18. Double-click the Minimum Password Length option.

19. As in the prior step, click the box to define the policy setting and set the minimum password length to 12 characters.

20. Click OK to close the window.

21. Double-click the Password Must Meet Complexity Requirements option.

22. Click the box to define the policy setting and change the value to Enabled.

23. Click OK to close the window.

24. Click the X to exit Group Policy Editor.

You have now successfully created a Group Policy Object that enforces the organization’s password policy. You may apply this GPO to users and/or groups as needed.

Activity 1.3: Write a Penetration Testing Plan

For this activity, design a penetration testing plan for a test against an organization of your choosing. If you are employed, you may choose to use your employer’s network. If you are a student, you may choose to create a plan for a penetration test of your school. Otherwise, you may choose any organization, real or fictitious, of your choice.

Your penetration testing plan should cover the three main criteria required before initiating any penetration test:

● Timing

● Scope

● Authorization

One word of warning: You should not conduct a penetration test without permission of the network owner. This assignment only asks you to design the test on paper.

Activity 1.4: Security Tools

Match each of the security tools listed in this table with the correct description.

