SlideShare a Scribd company logo

Assignment Grading Rubric Course IT286 Unit 4 Po.docx

Download as DOCX, PDF
S
ssuser562afc1

This document provides the grading rubric and instructions for a two-part assignment in an IT security course. The assignment addresses outcomes related to wireless security, authentication, access control, and cloud security. For Part 1, students must complete short essay questions and tables addressing these topics. For Part 2, students must perform labs demonstrating wireless network configuration, packet sniffing tools, and Platform as a Service and provide screen captures. The rubric allocates a total of 50 points across both parts and deducts points for errors.

Education
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University Unit 4 Assignment Outcomes addressed in this activity: • Describe authentication and access control. • Examine single factor and multifactor authentication methods. • Discuss the use of access control methods such as smart cards, Common Access Cards (CAC), and access control lists (ACLs). • Describe the use of authentication and tunneling protocols. Course outcome: IT286-2: Investigate device and infrastructure security, access control, authentication, and authorization. Instructions: NOTE: You will have two parts to the Assignment in this unit
that will be submitted as one file through the Dropbox. Requirements: Unit Assignments include short essay, descriptive tables and screen captures demonstrating an understanding of the topics. Any resource used including the textbook should be properly cited. Documents should be submitted using APA Style (double- spaced with a title page and a reference page). Essays should be separated into sections by the Assignment Part number and the question number. Part 1 1. Authentication is based on one or more of five factors. Create a table of these five. Factor Example 2. In a short essay describe the pros and cons of implementing a single factor authentication system and of implementing a multifactor authentication system. Cite your resources. 3. In a short essay explain Layered Security and Defense in Depth. Give an analogy for the philosophy behind this from another area (Eample: physical access to a military base). 4. In a short essay describe Transitive Access. Explain why this is an important technique for large networks. 5. There are four primary methods of access control (Example:
Mandatory Access Control). Create a table of these four and describe them. Access Control Method Definition 6. Create a table that summarizes the five tunneling protocols outlined in the text. Protocol Definition Use Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University Part 2 Lab Questions and Screen Captures 1. Set up Auditing of Logins Microsoft Windows operating systems (Windows 7™, Windows 8™ and Windows Server) can be configured to audit various events and to create logs of those events. Follow the instructions below to enable a login auditing. a. Open the Control Panel. In Control Panel, (System and Security) double-click Administrative Tools, and then click Local Security Policy. b. In Local Security Settings, double-click Local Policies, double-click Audit Policy, and then highlight the event that you want to audit and right click. (Example: Audit logon events - Success, Failure and Audit logon
events - Success, Failure.) Take a screen capture of your settings. Exit Local Policy. To test your settings, log off and reenter your password. c. To view the event logs, click Start, point to Programs, point to Administrative Tools, and then click Event Viewer. Check the log for the event. d. Did you see your login event? Take a screen capture of your login event. Note: Be sure to periodically check your Event Viewer and delete logs. 2. Examine firewall configurations for access control Review the Windows Firewall dialog box below. Notice the selection Don't allow exceptions check box. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University By selecting this check box Windows Firewall blocks all unsolicited requests to connect to the computer. Notice the Exceptions tab. When the Don’t allow exceptions box is checked even entries listed in
exceptions will be denied. If Windows Firewall is active on your computer and you want additional protection in a public area such as a coffee shop, select the Don't allow exceptions setting. If you select the Exceptions tab, you can also set a configuration to allow a port access through the firewall. Use the Edit a Port dialog box to configure the Name and Port number. What firewall is active on your system? Examine the settings. Take a screen capture. 3. Identify User Accounts with Administrator Access This lab requires a Windows 7 or Windows 8 operation system. User management is simplified by adding users to groups. To see which users are members of the Administrators group, follow these steps: a. Choose Start, Control Panel, Administrative Tools b. Choose Computer Management and open it. c. Within the left pane, expand Local Users And Groups and then expand Groups. Take a screen capture. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University
d. Double-click Administrators. The Administrators Properties box appears showing a list of members (Do not remove a user without verifying there is another user with administrative rights.). Exit the Computer Management console. Review the grading rubric below before beginning this activity: Assignment grading rubric = 50 points Assignment Requirements Points Possible Points Earned Part 1: Essay Questions 1. Authentication is based on one or more of five factors. Create a table of these five. Factor Example 0–5 2. In a short essay describe the pros and cons of implementing a single factor authentication system and of implementing a multifactor authentication system. Cite your resources. 0–6
3. In a short essay explain Layered Security and Defense in Depth. Give an analogy for the philosophy behind this from another area (Example: physical access to a military base). 0–8 4. In a short essay describe Transitive Access. Explain why this is an important technique for large networks. 0–5 5. There are four primary methods of access control (Example: Mandatory Access Control). Create a table of these four and describe them. Access Control Method Definition 0–6 6. Create a table that summarizes the five tunneling protocols outlined in the text. Protocol Definition Use 0–10 Part 2: Lab Questions and Screen Captures 1. Set up Auditing of Logins. Take a screen capture. Did you see your login event? Take a 0–3
Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University screen capture of your login event. 2. Examine Windows Firewall configurations for access control. What firewall is active on your system? Examine the settings. Take a screen capture. 0–3 3. Identify User Accounts with Administrator Access. Take a screen capture. 0–4 Total (Sum of all points) 0–50 Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable.
New total after deductions Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Unit 5 Assignment Outcomes addressed in this activity: • Discuss wireless technology including wireless protocols, wireless devices, and wireless security. • Explain various types of wireless attacks and methods to mitigate these attacks. • Examine appropriate control mechanisms to secure data in virtualized environments and on the cloud. Course outcome: IT286-3: Explain the protection of wireless networks and cloud services, and the hardening of hosts and
applications. Instructions: NOTE: You will have two parts to the Assignment in this unit that will be submitted as one file through the Dropbox. Requirements: Unit Assignments include short essay, descriptive tables and screen captures demonstrating an understanding of the topics. Any resource used including the textbook should be properly cited. Documents should be submitted using APA Style (double- spaced with a title page and a reference page). Essays should be separated into sections by the Assignment Part number and the question number. Part 1 1. Create a table comparing WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and WPA2 Standard Definition Algorithm Suggested Use 2. In a short essay, describe Temporal Key Integrity Protocol (TKIP). What is it based on? What does it do? 3. You are asked to secure a wireless network by making sure only authorized computers connect. What can you do to accomplish this? Give an example. 4. Review Table 5.1 in your text that lists six different types of wireless attacks and matches an analogy of
each attack. Do some research on these attacks and create a table of your findings. Attack Name Definition Result 5. In a short essay, define the three cloud computing service models. 6. In a short essay, examine the cloud computing delivery models. Give a scenario for each. 7. The following five topics describe important concepts for virtualizations: Snapshots, Patch Compatibility, Host Availability/Elasticity, Security Control Testing (SCT) and Sandboxing. Briefly define each of these and explain why it can be a security concern. Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Part 2 Lab Questions and Screen Captures 1. Connect a wireless network on a Windows system View the video on wireless connections before doing this lab. To set up a new wireless connection, select Set up a new
network from the Network and Sharing Center window. To enable an automatic wireless network configuration, select the wizard. To manually connect to a wireless network, select the Manually create a network profile. To connect to an existing wireless network under Available networks, select the network name and then Configure. In Wireless Network Properties, specify the wireless network settings and specify the network name SSID (Service Set Identifier). Using only the SSID is not secure. Take a screen capture of the settings. 2. Wireless Capture Tools Note: Be cautious when downloading any software tool from insecure websites. Review a wireless packet sniffer tool (see suggestions below) and provide a brief description. Take a screen capture of the output data from the tool as shown on the wireless packet sniffer website (if not available, show features). Suggestions: Aircrack-ng - a set of tools for auditing wireless networks NetStumbler – wardriving to find open wireless access points InSSIDer – signal strength and access point finder, etc. 3. Platform as a Service Review a Platform as a Service (PaaS) vendor (Ex:
Salesforce.com or Amazon Web Services) and describe how the client interacts with the cloud using this service. Outline several of the features of the platform and take a screen capture of the vendor’s marketing site and graphics. Review the grading rubric below before beginning this activity: Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Assignment grading rubric = 50 points Assignment Requirements Points Possible Points Earned Part 1: Essay Questions 1. Create a table comparing WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and WPA2.
Standard Definition Algorithm Suggested Use 0–5 2. In a short essay, describe Temporal Key Integrity Protocol (TKIP). What is it based on? What does it do? 0–4 3. You are asked to secure a wireless network by making sure only authorized computers connect. What can you do to accomplish this? Give an example. 0–4 4. Review Table 5.1 in your text that lists six different types of wireless attacks and matches an analogy of each attack. Do some research on these attacks and create a table of your findings. Attack Name Definition Result 0–6 5. In a short essay, define the three cloud computing service models. 0–3 6. In a short essay, examine the cloud computing
delivery models. Give a scenario for each. 0–8 7. The following five topics describe important concepts for virtualizations: Snapshots, Patch Compatibility, Host Availability/Elasticity, Security Control Testing (SCT) and Sandboxing. Briefly define each of these and explain why it can be a security concern. 0–10 Part 2: Lab Questions and Screen Captures 1. Connect a wireless network on a Windows system. Take a screen capture. 0–3 Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University 2. Review a wireless packet sniffer tool. Take a screen capture.
0–3 3. Review a Platform as a Service (PaaS) vendor. Take a screen capture. 0–4 Total (Sum of all points) 0–50 Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable. New total after deductions

More Related Content

PDF
Cst 630 Believe Possibilities / snaptutorial.com
Davis11a
 
PDF
CST 630 RANK Introduction Education--cst630rank.com
agathachristie266
 
DOCX
CST 630 RANK Inspiring Innovation--cst630rank.com
KeatonJennings104
 
DOCX
CST 630 RANK Educational Specialist--cst630rank.com
VSNaipaul15
 
PDF
CST 630 RANK Become Exceptional--cst630rank.com
agathachristie113
 
DOC
Cst 630 Inspiring Innovation--tutorialrank.com
PrescottLunt385
 
PDF
Cst 630 Education Organization-snaptutorial.com
robertlesew6
 
DOCX
Cst 630Education Specialist / snaptutorial.com
McdonaldRyan79
 
Cst 630 Believe Possibilities / snaptutorial.com
Davis11a
 
CST 630 RANK Introduction Education--cst630rank.com
agathachristie266
 
CST 630 RANK Inspiring Innovation--cst630rank.com
KeatonJennings104
 
CST 630 RANK Educational Specialist--cst630rank.com
VSNaipaul15
 
CST 630 RANK Become Exceptional--cst630rank.com
agathachristie113
 
Cst 630 Inspiring Innovation--tutorialrank.com
PrescottLunt385
 
Cst 630 Education Organization-snaptutorial.com
robertlesew6
 
Cst 630Education Specialist / snaptutorial.com
McdonaldRyan79
 

Similar to Assignment Grading Rubric Course IT286 Unit 4 Po.docx (20)

DOCX
CST 630 Effective Communication - snaptutorial.com
donaldzs8
 
DOCX
CST 630 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
DOCX
CST 630 RANK Achievement Education--cst630rank.com
kopiko147
 
DOCX
CST 630 RANK Redefined Education--cst630rank.com
claric241
 
PDF
CST 630 RANK Remember Education--cst630rank.com
chrysanthemu49
 
DOC
Cst 630 Enhance teaching / snaptutorial.com
Baileyabw
 
DOCX
Cis 560 Extraordinary Success/newtonhelp.com
amaranthbeg152
 
PDF
Lo 09
liankei
 
PDF
How to Pass CAS-005 in 2025: Expert Tips & Updated Objectives
rl7159133
 
PDF
Top-Rated CAS-005 Practice Strategy for 2025 Candidates
rl7159133
 
PDF
Microsoft az-500 Dumps
Armstrongsmith
 
DOCX
Lab #1 Develop System Administration Procedures for Windows 8.1 Sec.docx
sleeperfindley
 
DOCX
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
DIPESH30
 
PDF
CAS-005 CompTIA SecurityX Certification Dumps PDF.pdf
simonlata79
 
DOCX
COIT20262 Assignment 2 Questions Term 2, 2018 Advanced Net.docx
mary772
 
DOCX
ops300 Project(4)
trayyoo
 
DOCX
ops300 Project(3)
trayyoo
 
DOCX
Lab #2 Managing Host Based Security Purpose To develop .docx
smile790243
 
DOCX
Project 1CST630 Project ChecklistStudent Name DateNote This che
davieec5f
 
PDF
CIS 560 Effective Communication - tutorialrank.com
Bartholomew22
 
CST 630 Effective Communication - snaptutorial.com
donaldzs8
 
CST 630 Exceptional Education - snaptutorial.com
DavisMurphyA97
 
CST 630 RANK Achievement Education--cst630rank.com
kopiko147
 
CST 630 RANK Redefined Education--cst630rank.com
claric241
 
CST 630 RANK Remember Education--cst630rank.com
chrysanthemu49
 
Cst 630 Enhance teaching / snaptutorial.com
Baileyabw
 
Cis 560 Extraordinary Success/newtonhelp.com
amaranthbeg152
 
Lo 09
liankei
 
How to Pass CAS-005 in 2025: Expert Tips & Updated Objectives
rl7159133
 
Top-Rated CAS-005 Practice Strategy for 2025 Candidates
rl7159133
 
Microsoft az-500 Dumps
Armstrongsmith
 
Lab #1 Develop System Administration Procedures for Windows 8.1 Sec.docx
sleeperfindley
 
Lab Deliverable for Lab nYour NameDateTitle Creating, Using, Remo.docx
DIPESH30
 
CAS-005 CompTIA SecurityX Certification Dumps PDF.pdf
simonlata79
 
COIT20262 Assignment 2 Questions Term 2, 2018 Advanced Net.docx
mary772
 
ops300 Project(4)
trayyoo
 
ops300 Project(3)
trayyoo
 
Lab #2 Managing Host Based Security Purpose To develop .docx
smile790243
 
Project 1CST630 Project ChecklistStudent Name DateNote This che
davieec5f
 
CIS 560 Effective Communication - tutorialrank.com
Bartholomew22
 
Ad

More from ssuser562afc1 (20)

DOCX
Pick an Apollo Mission that went to the Moon.  Some mission only orb.docx
ssuser562afc1
 
DOCX
Pick a topic from data.gov that has large number of data sets on wid.docx
ssuser562afc1
 
DOCX
Pick an animal with sophisticated communication. Quickly find and re.docx
ssuser562afc1
 
DOCX
Pick a real healthcare organization or create your own. Think about .docx
ssuser562afc1
 
DOCX
PHYS 102In the Real World” Discussion TopicsYou may choose yo.docx
ssuser562afc1
 
DOCX
Photosynthesis and Cellular RespirationCellular respiration .docx
ssuser562afc1
 
DOCX
Philosophy of Inclusion Research SupportIt is not enough to simp.docx
ssuser562afc1
 
DOCX
PHYSICS DATA SHEET.docx
ssuser562afc1
 
DOCX
Physical Assessment Reflection Consider your learning and gr.docx
ssuser562afc1
 
DOCX
Phonemic Awareness TableTaskScriptingDescription and.docx
ssuser562afc1
 
DOCX
Philosophy 2582 - Media Ethics Paper 1 (Noam Chomsky) 
.docx
ssuser562afc1
 
DOCX
Pick a large company you like. Find their Statement of Cash Flow.docx
ssuser562afc1
 
DOCX
Philosophy 7 Asian Philosophy (Fall 2019) Paper Guidelines .docx
ssuser562afc1
 
DOCX
PIC.jpga.zipAPA.pptAPA Style--Review.docx
ssuser562afc1
 
DOCX
PHIL101 B008 Win 20 ! # AssignmentsAssignmentsAssignmen.docx
ssuser562afc1
 
DOCX
Phase 3 Structured Probl.docx
ssuser562afc1
 
DOCX
Phil 2101 Final PaperGuidelines Approximately 5 pages, doubl.docx
ssuser562afc1
 
DOCX
Perspectives on WarInstructionsAnalyze After watching .docx
ssuser562afc1
 
DOCX
pestle research for chile bolivia paraguay uruguay .docx
ssuser562afc1
 
DOCX
Pg. 04Question Four Assignment 2Deadline Saturd.docx
ssuser562afc1
 
Pick an Apollo Mission that went to the Moon.  Some mission only orb.docx
ssuser562afc1
 
Pick a topic from data.gov that has large number of data sets on wid.docx
ssuser562afc1
 
Pick an animal with sophisticated communication. Quickly find and re.docx
ssuser562afc1
 
Pick a real healthcare organization or create your own. Think about .docx
ssuser562afc1
 
PHYS 102In the Real World” Discussion TopicsYou may choose yo.docx
ssuser562afc1
 
Photosynthesis and Cellular RespirationCellular respiration .docx
ssuser562afc1
 
Philosophy of Inclusion Research SupportIt is not enough to simp.docx
ssuser562afc1
 
PHYSICS DATA SHEET.docx
ssuser562afc1
 
Physical Assessment Reflection Consider your learning and gr.docx
ssuser562afc1
 
Phonemic Awareness TableTaskScriptingDescription and.docx
ssuser562afc1
 
Philosophy 2582 - Media Ethics Paper 1 (Noam Chomsky) 
.docx
ssuser562afc1
 
Pick a large company you like. Find their Statement of Cash Flow.docx
ssuser562afc1
 
Philosophy 7 Asian Philosophy (Fall 2019) Paper Guidelines .docx
ssuser562afc1
 
PIC.jpga.zipAPA.pptAPA Style--Review.docx
ssuser562afc1
 
PHIL101 B008 Win 20 ! # AssignmentsAssignmentsAssignmen.docx
ssuser562afc1
 
Phase 3 Structured Probl.docx
ssuser562afc1
 
Phil 2101 Final PaperGuidelines Approximately 5 pages, doubl.docx
ssuser562afc1
 
Perspectives on WarInstructionsAnalyze After watching .docx
ssuser562afc1
 
pestle research for chile bolivia paraguay uruguay .docx
ssuser562afc1
 
Pg. 04Question Four Assignment 2Deadline Saturd.docx
ssuser562afc1
 
Ad

Recently uploaded (20)

PPTX
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
PDF
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
PDF
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
PPTX
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
PPTX
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
PPTX
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
PDF
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
PDF
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
PDF
advance database management system book.pdf
hinamannan364
 
PPTX
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
Medpopz
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
PPTX
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
PDF
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
PDF
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
PDF
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
PDF
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
PDF
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
PDF
A GUIDE TO GENETICS FOR UNDERGRADUATE MEDICAL STUDENTS
DrBincy A. S
 
PPTX
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
Empowerment Technology for Senior High School Guide
solthereseamericandr
 
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
Hazard Identification & Risk Assessment .pdf
estagiarioprotegesms
 
advance database management system book.pdf
hinamannan364
 
Onco Emergencies - Spinal cord compression Superior vena cava syndrome Febr...
Medpopz
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
A GUIDE TO GENETICS FOR UNDERGRADUATE MEDICAL STUDENTS
DrBincy A. S
 
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 

Assignment Grading Rubric Course IT286 Unit 4 Po.docx

  • 1. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University Unit 4 Assignment Outcomes addressed in this activity: • Describe authentication and access control. • Examine single factor and multifactor authentication methods. • Discuss the use of access control methods such as smart cards, Common Access Cards (CAC), and access control lists (ACLs). • Describe the use of authentication and tunneling protocols. Course outcome: IT286-2: Investigate device and infrastructure security, access control, authentication, and authorization. Instructions: NOTE: You will have two parts to the Assignment in this unit
  • 2. that will be submitted as one file through the Dropbox. Requirements: Unit Assignments include short essay, descriptive tables and screen captures demonstrating an understanding of the topics. Any resource used including the textbook should be properly cited. Documents should be submitted using APA Style (double- spaced with a title page and a reference page). Essays should be separated into sections by the Assignment Part number and the question number. Part 1 1. Authentication is based on one or more of five factors. Create a table of these five. Factor Example 2. In a short essay describe the pros and cons of implementing a single factor authentication system and of implementing a multifactor authentication system. Cite your resources. 3. In a short essay explain Layered Security and Defense in Depth. Give an analogy for the philosophy behind this from another area (Eample: physical access to a military base). 4. In a short essay describe Transitive Access. Explain why this is an important technique for large networks. 5. There are four primary methods of access control (Example:
  • 3. Mandatory Access Control). Create a table of these four and describe them. Access Control Method Definition 6. Create a table that summarizes the five tunneling protocols outlined in the text. Protocol Definition Use Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University Part 2 Lab Questions and Screen Captures 1. Set up Auditing of Logins Microsoft Windows operating systems (Windows 7™, Windows 8™ and Windows Server) can be configured to audit various events and to create logs of those events. Follow the instructions below to enable a login auditing. a. Open the Control Panel. In Control Panel, (System and Security) double-click Administrative Tools, and then click Local Security Policy. b. In Local Security Settings, double-click Local Policies, double-click Audit Policy, and then highlight the event that you want to audit and right click. (Example: Audit logon events - Success, Failure and Audit logon
  • 4. events - Success, Failure.) Take a screen capture of your settings. Exit Local Policy. To test your settings, log off and reenter your password. c. To view the event logs, click Start, point to Programs, point to Administrative Tools, and then click Event Viewer. Check the log for the event. d. Did you see your login event? Take a screen capture of your login event. Note: Be sure to periodically check your Event Viewer and delete logs. 2. Examine firewall configurations for access control Review the Windows Firewall dialog box below. Notice the selection Don't allow exceptions check box. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University By selecting this check box Windows Firewall blocks all unsolicited requests to connect to the computer. Notice the Exceptions tab. When the Don’t allow exceptions box is checked even entries listed in
  • 5. exceptions will be denied. If Windows Firewall is active on your computer and you want additional protection in a public area such as a coffee shop, select the Don't allow exceptions setting. If you select the Exceptions tab, you can also set a configuration to allow a port access through the firewall. Use the Edit a Port dialog box to configure the Name and Port number. What firewall is active on your system? Examine the settings. Take a screen capture. 3. Identify User Accounts with Administrator Access This lab requires a Windows 7 or Windows 8 operation system. User management is simplified by adding users to groups. To see which users are members of the Administrators group, follow these steps: a. Choose Start, Control Panel, Administrative Tools b. Choose Computer Management and open it. c. Within the left pane, expand Local Users And Groups and then expand Groups. Take a screen capture. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University
  • 6. d. Double-click Administrators. The Administrators Properties box appears showing a list of members (Do not remove a user without verifying there is another user with administrative rights.). Exit the Computer Management console. Review the grading rubric below before beginning this activity: Assignment grading rubric = 50 points Assignment Requirements Points Possible Points Earned Part 1: Essay Questions 1. Authentication is based on one or more of five factors. Create a table of these five. Factor Example 0–5 2. In a short essay describe the pros and cons of implementing a single factor authentication system and of implementing a multifactor authentication system. Cite your resources. 0–6
  • 7. 3. In a short essay explain Layered Security and Defense in Depth. Give an analogy for the philosophy behind this from another area (Example: physical access to a military base). 0–8 4. In a short essay describe Transitive Access. Explain why this is an important technique for large networks. 0–5 5. There are four primary methods of access control (Example: Mandatory Access Control). Create a table of these four and describe them. Access Control Method Definition 0–6 6. Create a table that summarizes the five tunneling protocols outlined in the text. Protocol Definition Use 0–10 Part 2: Lab Questions and Screen Captures 1. Set up Auditing of Logins. Take a screen capture. Did you see your login event? Take a 0–3
  • 8. Assignment Grading Rubric Course: IT286 Unit: 4 Points: 50 Copyright Kaplan University screen capture of your login event. 2. Examine Windows Firewall configurations for access control. What firewall is active on your system? Examine the settings. Take a screen capture. 0–3 3. Identify User Accounts with Administrator Access. Take a screen capture. 0–4 Total (Sum of all points) 0–50 Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable.
  • 9. New total after deductions Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Unit 5 Assignment Outcomes addressed in this activity: • Discuss wireless technology including wireless protocols, wireless devices, and wireless security. • Explain various types of wireless attacks and methods to mitigate these attacks. • Examine appropriate control mechanisms to secure data in virtualized environments and on the cloud. Course outcome: IT286-3: Explain the protection of wireless networks and cloud services, and the hardening of hosts and
  • 10. applications. Instructions: NOTE: You will have two parts to the Assignment in this unit that will be submitted as one file through the Dropbox. Requirements: Unit Assignments include short essay, descriptive tables and screen captures demonstrating an understanding of the topics. Any resource used including the textbook should be properly cited. Documents should be submitted using APA Style (double- spaced with a title page and a reference page). Essays should be separated into sections by the Assignment Part number and the question number. Part 1 1. Create a table comparing WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and WPA2 Standard Definition Algorithm Suggested Use 2. In a short essay, describe Temporal Key Integrity Protocol (TKIP). What is it based on? What does it do? 3. You are asked to secure a wireless network by making sure only authorized computers connect. What can you do to accomplish this? Give an example. 4. Review Table 5.1 in your text that lists six different types of wireless attacks and matches an analogy of
  • 11. each attack. Do some research on these attacks and create a table of your findings. Attack Name Definition Result 5. In a short essay, define the three cloud computing service models. 6. In a short essay, examine the cloud computing delivery models. Give a scenario for each. 7. The following five topics describe important concepts for virtualizations: Snapshots, Patch Compatibility, Host Availability/Elasticity, Security Control Testing (SCT) and Sandboxing. Briefly define each of these and explain why it can be a security concern. Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Part 2 Lab Questions and Screen Captures 1. Connect a wireless network on a Windows system View the video on wireless connections before doing this lab. To set up a new wireless connection, select Set up a new
  • 12. network from the Network and Sharing Center window. To enable an automatic wireless network configuration, select the wizard. To manually connect to a wireless network, select the Manually create a network profile. To connect to an existing wireless network under Available networks, select the network name and then Configure. In Wireless Network Properties, specify the wireless network settings and specify the network name SSID (Service Set Identifier). Using only the SSID is not secure. Take a screen capture of the settings. 2. Wireless Capture Tools Note: Be cautious when downloading any software tool from insecure websites. Review a wireless packet sniffer tool (see suggestions below) and provide a brief description. Take a screen capture of the output data from the tool as shown on the wireless packet sniffer website (if not available, show features). Suggestions: Aircrack-ng - a set of tools for auditing wireless networks NetStumbler – wardriving to find open wireless access points InSSIDer – signal strength and access point finder, etc. 3. Platform as a Service Review a Platform as a Service (PaaS) vendor (Ex:
  • 13. Salesforce.com or Amazon Web Services) and describe how the client interacts with the cloud using this service. Outline several of the features of the platform and take a screen capture of the vendor’s marketing site and graphics. Review the grading rubric below before beginning this activity: Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University Assignment grading rubric = 50 points Assignment Requirements Points Possible Points Earned Part 1: Essay Questions 1. Create a table comparing WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and WPA2.
  • 14. Standard Definition Algorithm Suggested Use 0–5 2. In a short essay, describe Temporal Key Integrity Protocol (TKIP). What is it based on? What does it do? 0–4 3. You are asked to secure a wireless network by making sure only authorized computers connect. What can you do to accomplish this? Give an example. 0–4 4. Review Table 5.1 in your text that lists six different types of wireless attacks and matches an analogy of each attack. Do some research on these attacks and create a table of your findings. Attack Name Definition Result 0–6 5. In a short essay, define the three cloud computing service models. 0–3 6. In a short essay, examine the cloud computing
  • 15. delivery models. Give a scenario for each. 0–8 7. The following five topics describe important concepts for virtualizations: Snapshots, Patch Compatibility, Host Availability/Elasticity, Security Control Testing (SCT) and Sandboxing. Briefly define each of these and explain why it can be a security concern. 0–10 Part 2: Lab Questions and Screen Captures 1. Connect a wireless network on a Windows system. Take a screen capture. 0–3 Assignment Grading Rubric Course: IT286 Unit: 5 Points: 50 Copyright Kaplan University 2. Review a wireless packet sniffer tool. Take a screen capture.
  • 16. 0–3 3. Review a Platform as a Service (PaaS) vendor. Take a screen capture. 0–4 Total (Sum of all points) 0–50 Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable. New total after deductions