COM520 Systems Security Management
Module 1 Written Assignment
COM520 Written Assignment 1
Assignment: Adding Active Directory
In this assignment, you will answer questions relating to the impact of adding Active Directory to the Ken
7 Windows Limited environment.
Assignment Requirements
This assignment builds on the scenario of Ken 7 Windows Limited given as the last section of this
document. For this assignment, imagine yourself to be a security administrator working for Ken 7
Windows Limited. You have been asked to evaluate the option of adding the Active Directory to the Ken 7
Windows network. Here are some facts to help you work on this assignment.
Ken 7 has just purchased a new enterprise resource planning (ERP) software package and will place the
workstation computers which will use this ERP software at eight different locations on the shop floor. The
ERP software requires two database servers, four application servers, and two Web servers, all of which
run a Windows operating system. All above-mentioned servers and the shop floor workstations are new,
but there are 22 workstations, already in place, which work with an older software that Ken 7 used to
manage the manufacturing and accounting processes. The existing 22 workstations are grouped into
three workgroups: accounting, planning, and purchasing. Before you add the Active Directory to the
network, you have been asked to examine the effects of the Active Directory in several key areas.
Tasks
Provide the answers to the following questions to satisfy the key points of interest to the Ken 7 Windows
Limited management regarding the addition of the Active Directory to the network.
1. Currently, system administrators create Ken 7 users in each computer where users need access.
In the Active Directory, where will system administrators create Ken 7 users?
2. How will the procedures for making changes to the user accounts, such as password changes, be
different in the Active Directory?
3. What action should administrators take for the existing workgroup user accounts after converting
to the Active Directory?
4. How will the administrators resolve the differences between the user accounts defined on the
different computers? In other words, if user accounts have different settings on different
computers, how will the Active Directory address that issue?
5. How will the procedure for defining access controls change after converting to the Active
Directory?
Submission Requirements
• Format: Microsoft Word
• Font: Arial, Size 12, Double-Space
• Citation Style: APA Style
• Length: 1–2 pages
Self-Assessment Checklist
• I have described with proper justification that the Active Directory user rights and permissions
take precedence over the local user accounts.
• I have explained with proper justification that the Active Directory and local users have different
security identifiers (SIDs), even if the user account names are the same.
Case Scenario for Rationale: Importance of Windows Access Control and Authentication
Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7
Windows Limited carries a variety of Windows and related products. It supplies builders with all of the
tools and supplies to install finished Windows in any type of building.
Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package
to help control costs and increase both quality and customer responsiveness. The ERP software collects
and stores information including:
• Raw material costs
• Labor costs
• Materials and labor requirements for products
• Purchasing requirements
Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:
• Administrators—maintain ERP data and system operation.
• Planners—run planning software and generate requirements reports.
• Shop Floor users—enter operational data (receiving, shipping, and product progress
during manufacturing).
• Managers—manage department personnel.
• Purchasing users—generate purchasing documents based on planning requirements.
• Accounting users—maintain cost and accounting data.
Access controls limit what users or roles can do with different types of data. For example, consider the
following types of data:
• Cost information—raw materials and labor costs, including the cost of finished goods.
• Manufacturing details—cost, amount of labor, and time required to produce finished
goods.
• Purchasing requirements—rules for determining when raw materials, components, or
supplies should be purchased.
Through access control:
• Cost information can be viewed only by Accounting users.
• Manufacturing details can be viewed only by Shop Floor users.
• Purchasing requirements can be viewed only by Purchasing users.
During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns about
users being able to access restricted data.
• Accounting users are able to log in to shop floor computers.
• Purchasing users are able to access human resource (HR) applications and data.
The ERP implementation team suggested the following access control measures to protect restricted
data.
• Create an organizational unit (OU) in Active Directory for shop floor computers.
• Deploy Group Policy Objects (GPOs) to restrict shop floor users to the shop floor OU.
• Define data access controls in the ERP software to deny access for all non-HR users to
restricted data.
Implementing several access control measures helped Ken 7 Windows Limited restrict data
access. Access control and authentication are therefore important, as they helped Ken 7 Windows
Limited reduce costs and increase profits.
Module 2 Written Assignment
COM520 Written Assignment 2
Assignment: Recommendations for Access Controls
Assignment Requirements
In the lab for Module 1, Configure Active Directory and implement Departmental and User Access
Controls, you defined the groups, users, and listed access controls necessary to fulfill specific access
requirements. In this assignment, you will evaluate how each control affects users’ access to files and
folders. You will also examine how changing access controls can affect your users’ ability to access files
and folders.
Here are the users and groups you defined in the lab:
User        Member of Groups
SFuser01    ShopFloor
SFuser02    ShopFloor
SFmanager   ShopFloor, Manager
HRuser01    HumanResources
HRuser02    HumanResources
HRmanager   HumanResources, Manager
In the lab, you considered access requirements for four folders:
• C:\ERPdocuments – This folder will contain miscellaneous shared files for the ERP software.
• C:\ERPdocuments\HRfiles – Folder for shared HumanResources user files.
• C:\ERPdocuments\SFfiles – Folder for shared ShopFloor user files.
• C:\ERPdocuments\MGRfiles – Folder for shared Manager user files.
Here is a suggested list of access controls with basic permissions for each of the four folders your users
will need to access:
Folder | Who Can Modify | Who Can Read and Execute | Who Can List Folder Contents
C:\ERPdocuments | Manager | Manager | Manager, ShopFloor, HumanResources
C:\ERPdocuments\HRfiles | HumanResources | Manager, HumanResources | Manager, HumanResources
C:\ERPdocuments\SFfiles | Manager, ShopFloor | Manager, ShopFloor | Manager, ShopFloor
C:\ERPdocuments\MGRfiles | Manager | Manager | Manager
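The following is an added example, not part of the original assignment or lab: one way to apply the table above with icacls from an elevated PowerShell prompt, using group-based grants. It assumes the four groups exist as domain groups and uses KEN7 as a placeholder domain name; the variable names are illustrative.

```powershell
# Added example: apply the folder permission table with icacls (run elevated).
$Domain = 'KEN7'              # assumed NetBIOS domain name (placeholder)
$Root   = 'C:\ERPdocuments'

# icacls notation used below:
#   (OI)(CI)M   Modify, inherited by subfolders and files
#   (OI)(CI)RX  Read & execute, inherited by subfolders and files
#   (CI)RX      List folder contents: read & execute inherited by subfolders only
# Modify already includes Read & execute and List folder contents.
$Plan = @(
    @{ Path   = $Root
       Grants = @('Manager:(OI)(CI)M', 'ShopFloor:(CI)RX', 'HumanResources:(CI)RX') }
    @{ Path   = "$Root\HRfiles"
       Grants = @('HumanResources:(OI)(CI)M', 'Manager:(OI)(CI)RX') }
    @{ Path   = "$Root\SFfiles"
       Grants = @('Manager:(OI)(CI)M', 'ShopFloor:(OI)(CI)M') }
    @{ Path   = "$Root\MGRfiles"
       Grants = @('Manager:(OI)(CI)M') }
)

foreach ($item in $Plan) {
    New-Item -ItemType Directory -Path $item.Path -Force | Out-Null

    # /inheritance:r drops inherited ACEs. Without it, the root's Manager Modify
    # and the ShopFloor/HumanResources list grants would flow into HRfiles and
    # MGRfiles and contradict the table. Because it also drops the defaults,
    # SYSTEM (S-1-5-18) and local Administrators (S-1-5-32-544) are re-granted.
    $icaclsArgs = @(
        $item.Path, '/inheritance:r', '/grant:r',
        '*S-1-5-18:(OI)(CI)F', '*S-1-5-32-544:(OI)(CI)F'
    ) + @($item.Grants | ForEach-Object { "$Domain\$_" })

    & icacls.exe @icaclsArgs
    if ($LASTEXITCODE -ne 0) { throw "icacls failed on $($item.Path)" }

    # Print the resulting ACL so it can be checked against the table.
    & icacls.exe $item.Path
}
```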
Based on the requirements stated above, answer the following questions:
1. The access requirements in the table above are based on reference groups. However, should
Windows access controls to implement these requirements be based on groups or individual
users? Explain.
2. How would you provide a human resource (HR) manager with the ability to modify files in
C:\ERPdocuments\HRfiles without giving the same ability to other managers?
3. Describe what would happen if you removed HR from the ‘List folder contents’ permission for
C:\ERPdocuments\HRfiles?
4. Describe what would happen if you added Shop Floor to the ‘Modify’ permission for
C:\ERPdocuments\HRfiles?
Submission Requirements
• Format: Microsoft Word
• Font: Arial, Size 12, Double-Space
• Citation Style: APA Style
• Length: 1–2 pages
Self-Assessment Checklist
• I have explained how access controls affect the ability of different users to access objects.
• I have explained with proper reasoning the impact of changes made in the worksheet on users’
access and which users would encounter problems if the changes were implemented.
Module 3 Written Assignment
COM520 Written Assignment 3
Assignment: Identifying Types of Malware Infection
Assignment Requirements
You have learned that any computer or device can be vulnerable to malware. Vulnerabilities differ
depending on how the computer or device is used and what software is installed. For each of the
scenarios listed on the worksheet, select the most likely type of malware that is present on the computer
or device and provide a rationale for doing so.
Select from:
a. Virus
b. Worm
c. Trojan horse
d. Rootkit
e. Spyware
Suspected malware scenarios:
_________ 1. You notice that your computer is getting slower each day. You have terminated
unneeded programs, disabled unneeded services, and have recently defragmented
the disks. Your computer has plenty of memory but it still seems slow. Since it only
started getting slow within the last two weeks—you suspect malware. You have
carefully examined each of the programs running but there are no unusual programs.
However, you do notice that there is a substantial disk activity, even when no
programs are running that should be using the disk. What kind of malware do you
think is present in your computer?
_________ 2. You downloaded a new program to display the current weather on your desktop.
Since you installed the weather application, you noticed a lot of network activity, and
your computer is getting slow. When you terminate the weather application your
computer speeds up. What kind of malware do you think is present in your computer?
_________ 3. Within a week after ordering a new widescreen television (TV) from an online retailer,
you start getting many e-mail messages advertising products related to TVs. What
kind of malware do you think is present in your computer?
_________ 4. You downloaded a new game to your personal mobile device that runs Windows
Mobile. You notice on your mobile service bill that several charges appeared for calls
to premium numbers that started three days after loading the new game. What kind
of malware do you think is present in your computer?
Submission Requirements
• Format: Microsoft Word
• Font: Arial, Size 12, Double-Space
• Citation Style: APA Style
• Length: 1–2 pages
Self-Assessment Checklist
• I have matched correctly each type of malware with each scenario.
• I have provided a sound rationale for each answer.
Module 4 Written Assignment
COM520 Written Assignment 4
Assignment: Security Audit Procedure Guide
Assignment Requirements
This assignment requires you to prepare a procedure guide for a security audit in Ken 7 Windows Limited.
Ken 7 Windows Limited has acquired several new servers and workstations to support the new enterprise
resource planning (ERP) software. You want to ensure the new computers comply with Microsoft’s initial
secure baseline. You choose to use the Microsoft baseline security analyzer (MBSA) tool to assess the
basic security for all of your Windows computers. MBSA will identify many of the basic vulnerabilities
found in Windows environments. MBSA’s vulnerability report provides a good starting point for securing
new and existing Windows computers. You need to develop procedures to ensure that each computer in
your environment has no reported vulnerabilities.
Using the format below, describe the steps to follow to scan multiple computers for security vulnerabilities
using MBSA. Include steps to research and address any reported vulnerabilities. Assume you plan to run
MBSA on a new server that does not have MBSA installed.
Fill in the details for each procedural step to audit each computer and address discovered vulnerabilities.
1) Acquire and install MBSA.
2) Scan computers.
3) Review scan results.
4) Identify vulnerabilities you need to address.
5) Document the steps to address each vulnerability.
Submission Requirements
• Format: Microsoft Word
• Font: Arial, Size 12, Double-Space
• Citation Style: APA Style
• Length: 1–2 pages
Self-Assessment Checklist
• I have properly organized the steps necessary for a malware-free environment.
• I have given a proper justification of the following steps in the security audit procedure guide:
  o Download and install MBSA.
  o Use MBSA to scan multiple computers.
  o Review the scan results.
  o Identify vulnerabilities to mitigate.
  o Document the steps necessary to mitigate selected vulnerabilities.
Case Scenario:
Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7
Windows Limited carries a variety of Windows and related products. It supplies builders with all of the
tools and supplies to install finished Windows in any type of building.
Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package
to help control costs and increase both quality and customer responsiveness. The ERP software collects
and stores information including:
• Raw material costs
• Labor costs
• Materials and labor requirements for products
• Purchasing requirements
Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:
• Administrators—maintain ERP data and system operation.
• Planners—run planning software and generate requirements reports.
• Shop Floor users—enter operational data (receiving, shipping, and product progress during
manufacturing).
• Managers—manage department personnel.
• Purchasing users—generate purchasing documents based on planning requirements.
• Accounting users—maintain cost and accounting data.
Access controls limit what users or roles can do with different types of data. For example, consider the
following types of data:
• Cost information—raw materials and labor costs, including the cost of finished goods.
• Manufacturing details—cost, amount of labor, and time required to produce finished goods.
• Purchasing requirements—rules for determining when raw materials, components, or supplies
should be purchased.
Through access control:
• Cost information can be viewed only by Accounting users.
• Manufacturing details can be viewed only by Shop Floor users.
• Purchasing requirements can be viewed only by Purchasing users.
During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns about
users being able to access restricted data.
• Accounting users are able to log in to shop floor computers.
• Purchasing users are able to access human resource (HR) applications and data.
The ERP implementation team suggested the following access control measures to protect restricted
data.
• Create an organizational unit (OU) in Active Directory for shop floor computers.
• Deploy Group Policy Objects (GPOs) to restrict shop floor users to the shop floor OU.
• Define data access controls in the ERP software to deny access for all non-HR users to restricted
data.
Implementing several access control measures helped Ken 7 Windows Limited restrict data
access. Access control and authentication are therefore important, as they helped Ken 7 Windows
Limited reduce costs and increase profits.
Module 5 Written Assignment
COM520 Written Assignment 5
Assignment: Network Security Controls
Assignment Requirements
Securing Windows networks requires recognizing potential vulnerabilities and selecting the best control to
address that vulnerability. You as a network administrator working for Ken 7 Windows Limited have been
given the task of reviewing the current network security policy and recommending the best network
security control to satisfy the policy. You can select from a short list of network security controls.
For each policy statement, select the best control to ensure Ken 7 Windows Limited fulfills the stated
requirements and provide a rationale.
Required Resources
• Case Scenario for Rationale: Importance of Windows Access Control and Authentication (see
below)
• Worksheet: Network Security Requirements Policy (see below)
Submission Requirements
• Format: Microsoft Word
• Font: Arial, Size 12, Double-Space
• Citation Style: APA
• Length: 1–2 pages
Self-Assessment Checklist
• I have selected appropriate network security controls for each domain of the Ken 7 IT
environment.
• I have provided rationale for my choices by explaining how each control makes the environment
more secure.
• I have followed the submission requirements.
Case Scenario for Rationale: Importance of Windows Access Control and Authentication
Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7
Windows Limited carries a variety of Windows and related products. It supplies builders with all of the
tools and supplies to install finished Windows in any type of building.
Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package
to help control costs and increase both quality and customer responsiveness. The ERP software collects
and stores information including:
• Raw material costs
• Labor costs
• Materials and labor requirements for products
• Purchasing requirements
Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:
• Administrators—maintain ERP data and system operation.
• Planners—run planning software and generate requirements reports.
• Shop Floor users—enter operational data (receiving, shipping, and product progress during
manufacturing).
• Managers—manage department personnel.
• Purchasing users—generate purchasing documents based on planning requirements.
• Accounting users—maintain cost and accounting data.
Access controls limit what users or roles can do with different types of data. For example, consider the
following types of data:
• Cost information—raw materials and labor costs, including the cost of finished goods.
• Manufacturing details—cost, amount of labor, and time required to produce finished goods.
• Purchasing requirements—rules for determining when raw materials, components, or supplies
should be purchased.
Through access control:
• Cost information can be viewed only by Accounting users.
• Manufacturing details can be viewed only by Shop Floor users.
• Purchasing requirements can be viewed only by Purchasing users.
During the analysis phase of