LANPrac5_20_

COMP2013 LAN Workshop – Practical 5 - Solutions Page 1 of 12 COMP2013 LAN Workshop Practical 5 – Network Threats, Security and Prevention Student Name: Student ID: Practical Class: Instructions to students - • Attempt all questions • This Practical may contribute to your final assessment mark • The Tutor can check your solutions when you are finished

COMP2013 LAN Workshop – Practical 5 - Solutions Page 2 of 12 Part A – Network Security A1) What types of data is considered to be sensitive by businesses and should be protected?  Sensitive information is data that must be lock from unauthorizes access and unwarranted to maintain the information security if an individual or organization.  Sensitive business information is any data that would pose a rick to the company if released to a competitor or public.  Information business that poses a rick to the company such ad trade secrets, plans, financial data, customer information, supplier, and etc. A2) A good Username and Password policy should include what four things? (i) Never use the same password between work and home (ii) Never reuse the same password (iii) Change password frequently (iv) Password should be at least 8 characters long contain upper letter and lower letter, as well as number and some special characters ($@!%&). A3) What is needed and required on all the incoming gateways to protect a network from unwanted access? A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block treats. A4) If TCP/IP services are run on a NOS connected to the Internet, what are some of the potentials involved? The TCP/IP protocol suite is vulnerable to a variety of attacks ranging from password sniffing to denial of service. Software to carry out most of there attack is freely available on the internets. There vulnerabilities unless carefully controlled can place the use of the internet or internet at considerable risk. A5) List the properties of the following threats: (i) Virus: A software or computer program that connect itself to another software or computer program to harm computer system. Virus is a Type of malicious software, or malware, that spreads between computers and causes damage to data and software. Virus aim to disrupt systems, cause operational issues and result in data loss and leakage. (ii) Worm: Replicate itself to cause slow down the computer system. Worm is a type of malware or malicious software that can replicate rapidly and spread across devices within a network. Worms can also change and delete files or introduce to other malware. (iii) Trojan: Replicate capture some important information about a computer system or a computer network. Trojan is designed to damage, disrupt, steal or in general inflict some other harmful action on your data or network. (iv) A6) What is a teardrop attack? How does it affect a computer system? Teardrop attack is a type of denial of service (DoS) attack that attempts to make a computer resource unavailable by flooding a network or server with request and data. Teardrop going to sending fragmented packets to a target machine. Since the machine receiving a lot of packet cannot reassemble them due to a bug in TCP/IP

COMP2013 LAN Workshop – Practical 5 - Solutions Page 4 of 12 Part B – Creating User Accounts in Windows 10 B1) Log in as an administrator on virtual machine Windows 10 and create the following two users : User named “LocalUser1”. For the password, use a strong password (you may use the same password for the other user as well). User named “LocalUser2”. The steps of creating users are as given in B6 (Steps 1-5) of Practical 4 . Test the user accounts by switching user and then logging back using the usernames you created. Did the user accounts work properly? Part C: Sharing Folders in Microsoft Windows 10 C1) Simple file sharing is used in Windows 10 to share file/folder with other users in the same work group. Follow the steps below to create shared files using Simple File Sharing in Windows 10. Make sure you are logged in as the Administrator User. Step 1: Turning on Simple File Sharing. • Click Start 🡺 Windows System 🡺 Control Panel 🡺 View network status and tasks (under Network and Internet ) to open Network and Sharing Center . • Click on Change advanced sharing settings • Under File and printer sharing select Turn on file and printer sharing ( if not being selected yet ) . • Leave all other unchanged and click Save changes . Step 2: Creating the shared folders · Create a folder SharedFiles under C: ＼ , and create a text file in SharedFiles. · Right click SharedFiles , select Share with and click on Specific people . . Add LocalUser1 with read permission (default) and LocalUser2 with read/write permission. . Click Share (select Yes, turn network discovery… ) and then Done . Step 3: Log on as a user and test access to the folder SharedFiles · Switch user and log in to Windows 10 as LocalUser1 that you created earlier. Can User LocalUser1 read, modify or create files within the Shared Files folder, why/why not?

COMP2013 LAN Workshop – Practical 5 - Solutions Page 5 of 12 Step 4: Log on as a different user and test the access to the SharedFiles Folder Switch user and log in to Windows 10 as LocalUser2 that you created earlier. Can User LocalUser2 read, modify or create files within the Shared Files folder, why/why not?

COMP2013 LAN Workshop – Practical 5 - Solutions Page 7 of 12 create a file in the Research folder. C ould you create this file? Why/Why not? Switch user and log back on as “ LocalUser1”, then navigate to the “ C: \ SC D MS \ Resea rch ” folder. Try to create a file in the Research folder. Could you create this file? Why/Why not? Switch user and log back on as “ LocalUser2”, then navigate to the “ C: \ SC DMS \ Resear ch ” folder. Try to create a file in the Research folder. Could you create this file? Why/Why not? D2) Permissions to a subfolder is determined by the property setting of Sharing and Security , as well as the inheritance from its parent folder. How to check the final actual permission to a folder? Check the final resultant permission for each of the folders you created. Are they the same as you expected? Explain what you have observed. Follow the steps given below to find out the final actual access:

COMP2013 LAN Workshop – Practical 5 - Solutions Page 8 of 12 1. Login as the Administrator 2. Open Windows Explorer, and then locate the file or folder for which you want to view effective permissions. 3. Right-click the file or folder, click Properties, and then click the Security tab. 4. Click Advanced, click the Effective Permissions tab, and then click Select a user. 5. Enter the name of a user or group, and then click OK (you can also click Advanced and then Find Now to select a user or a group from the list). Click the button View effective access. The selected check boxes indicate the effective permissions of the user or group for that file or folder.

COMP2013 LAN Workshop – Practical 5 - Solutions Page 10 of 12 Assume that LocalUser2 is still login. Right click on User2File, select Properties 🡺 Advanced… 🡺 Details 🡺 A dd and select the Certificate (LocalUser 1), and click OK (a number of times). Logoff and login as LocalUser1 to check the access to the encrypted file User2File. LocalUer1 can also repeat the above procedures to given LocalUser2 the access to User1File. The access to the encrypted files in Windows 11 can be set similarly. E4) Is it possible in Windows 10 to allow the Administrator to view/edit the contents of an encrypted fi les of other users directly?

COMP2013 LAN Workshop – Practical 5 - Solutions Page 11 of 12 Part F: Alternative Data Streams Follow the steps to hide and then display a text file (you can do this with either Windows 10 or Windows 11). 1) Create a subfolder c:\hide by: c:\>md hide 2) Create a hidden file in the subfolder by: c:\>echo You can’t see me.>hide:hidden.txt 3) Check contents of the subfolder: c:\> dir c:\hide (no files found) 4) Display the hidden file by: c:\>notepad hide:hidden.txt