Details of this Paper

homework 5

Description

solution


Question

1. What are some risks, threats, and vulnerabilities commonly found in the workstation domain that must;be mitigated through a layered security strategy?;48 Lab #6 | Auditing the Workstation Domain for Compliance;37524_Lab06_Pass3.indd 48 4/19/13 12:11 PM;Auditing the Workstation;Domain for Compliance;2. File-sharing utilities and client-to-client communication applications can provide the capability to share;files with other users (for instance, peer-to-peer networking or sharing). What risks and/or vulnerabilities;are introduced with these applications?;3. Explain how confidentiality can be achieved in the workstation domain with security controls and;security countermeasures.;4. Explain how data integrity can be achieved in the workstation domain with security controls and security;countermeasures.;5. Explain how availability can be achieved in the workstation domain with security controls and security;countermeasures.;6;Assessment Worksheet 49;37524_Lab06_Pass3.indd 49 4/19/13 12:11 PM;6. Although users of desktop applications might not create mission-critical data, all of their data represents;a resource that, if lost, can result in a permanent loss of information or productivity. Explain what;countermeasures and best practices should be implemented to avoid this potential disaster.;7. What is the purpose of the Microsoft ? Windows Security Configuration and Analysis Snap-In? Explain.;8. How would you go about updating the Windows Security Options File? Explain how this option can help;mitigate risk in the workstation domain.;50 Lab #6 | Auditing the Workstation Domain for Compliance;37524_Lab06_Pass3.indd 50 4/19/13 12:11 PM;Auditing the Workstation;Domain for Compliance;9. What does the Microsoft ? Windows executable GPResult.exe do and what general information does it;provide? Explain how this application helps mitigate the risks, threats, and vulnerabilities commonly;found in the workstation domain.;10. What is the risk involved in caching logon credentials on a Microsoft ? Windows system?;11. What is the current URL for the location of the DISA Military STIGs on Microsoft ? Windows 7 Operating;Systems?;6;Assessment Worksheet 51;37524_Lab06_Pass3.indd 51 4/19/13 12:11 PM;12. Within the Windows 7, Security Technical Implementation Guide (STIG), what are the 3 Vulnerability;Severity Code Definitions defined?;13. DumpSec is a tool used by system administrators performing information assurance on a Microsoft ?;Windows 7 workstation. What is the purpose of this tool?;52 Lab #6 | Auditing the Workstation Domain for Compliance;37524_Lab06_Pass3.indd 52 4/19/13 12:11 PM;Auditing the Workstation;Domain for Compliance;14. From the Windows 7, Security Technical Implementation Guide (STIG), where can Windows 7 - File;Registry Settings be reviewed and audited on a Windows 7 workstation?;15. As per DoD and information assurance procedures, who must be notified if any exceptions to DoD STIGs;standards for workstation configurations are to be implemented?;6;Assessment Worksheet 53;37524_Lab06_Pass3.indd 53 4/19/13 12:11 PM

 

Paper#64501 | Written in 18-Jul-2015

Price : $22
SiteLock