CompTIA CSA+ Study Guide. Mike Chapple
includes disabling any unnecessary services on the endpoints to reduce their susceptibility to attack, ensuring that secure configuration settings exist on devices and centrally controlling device security settings. Patch management ensures that operating systems and applications are not susceptible to known vulnerabilities. Group Policy allows the application of security settings to many devices simultaneously, and endpoint security software protects against malicious software and other threats.
Penetration tests provide organizations with an attacker’s perspective on their security. The NIST process for penetration testing divides tests into four phases: planning, discovery, attack, and reporting. The results of penetration tests are valuable security planning tools, since they describe the actual vulnerabilities that an attacker might exploit to gain access to a network.
Reverse engineering techniques attempt to determine how hardware and software functions internally. Sandboxing is an approach used to detect malicious software based on its behavior rather than its signatures. Other reverse engineering techniques are difficult to perform, are often unsuccessful, and are quite time-consuming.
Lab Exercises
In this lab, you will verify that the Windows Firewall is enabled on a server and then create an inbound firewall rule that blocks file and printer sharing.
This lab requires access to a system running Windows Server 2012 or Windows Server 2012 R2.
1. Open the Control Panel for your Windows Server.
2. Choose System And Security.
3. Under Windows Firewall, click Check Firewall Status.
4. Verify that the Windows Firewall state is set to On for Private networks. If it is not on, enable the firewall by using the “Turn Windows Firewall on or off” link on the left side of the window.
1. On the left side of the Windows Firewall control panel, click “Allow an app or feature through Windows Firewall.”
2. Scroll down the list of applications and find File And Printer Sharing.
3. Uncheck the box to the left of that entry to block connections related to File And Printer Sharing.
4. Click OK to apply the setting.
Note: You should perform this lab on a test system. Disabling file and printer sharing on a production system may have undesired consequences.
In this lab, you will create a Group Policy Object and edit its contents to enforce an organization’s password policy.
This lab requires access to a system running Windows Server 2012 or Windows Server 2012 R2 that is configured as a domain controller.
1. Open the Group Policy Management Console. (If you do not find this console on your Windows 2012 Server, it is likely that it is not configured as a domain controller.)
2. Expand the folder corresponding to your Active Directory forest.
3. Expand the Domains folder.
4. Expand the folder corresponding to your domain.
5. Right-click the Group Policy Objects folder and click New on the pop-up menu.
6. Name your new GPO Password Policy and click OK.
7. Right-click the new Password Policy GPO and choose Edit from the pop-up menu.
8. When Group Policy Editor opens, expand the Computer Configuration folder.
9. Expand the Policies folder.
10. Expand the Windows Settings folder.
11. Expand the Security Settings folder.
12. Expand the Account Policies folder.
13. Click on Password Policy.
14. Double-click Maximum password age.
15. In the pop-up window, select the Define This Policy Setting check box and set the expiration value to 90 days.
16. Click OK to close the window.
17. Click OK to accept the suggested change to the minimum password age.
18. Double-click the Minimum Password Length option.
19. As in the prior step, click the box to define the policy setting and set the minimum password length to 12 characters.
20. Click OK to close the window.
21. Double-click the Password Must Meet Complexity Requirements option.
22. Click the box to define the policy setting and change the value to Enabled.
23. Click OK to close the window.
24. Click the X to exit Group Policy Editor
You have now successfully created a Group Policy Object that enforces the organization’s password policy. You may apply this GPO to users and/or groups as needed.
For this activity, design a penetration testing plan for a test against an organization of your choosing. If you are employed, you may choose to use your employer’s network. If you are a student, you may choose to create a plan for a penetration test of your school. Otherwise, you may choose any organization, real or fictitious, of your choice.
Your penetration testing plan should cover the three main criteria required before initiating any penetration test:
● Timing
● Scope
● Authorization
One word of warning: You should not conduct a penetration test without permission of the network owner. This assignment only asks you to design the test on paper.
Match each of the security tools listed in this table with the correct description.
Конец ознакомительного фрагмента.
Текст предоставлен ООО «ЛитРес».
Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.