School: Trine University
Course: AUDITING
Subject: Information Systems
Date: Nov 24, 2024
Pages: 9
Uploaded by MasterScience9621
Investigating Security Incidents within the Microsoft Windows Environment (3e)
Security Strategies in Windows Platforms and Applications, Third Edition - Lab 10
Student: Mohammed Khan
Email: mkhan05511@ucumberlands.edu
Time on Task: 1 hour, 24 minutes
Progress: 100%
Report Generated: Saturday, October 14, 2023 at 7:04 AM
Section 1: Hands-On Demonstration
Part 1: Use the Event Viewer to Detect Failed Log-in Attempts
10. Make a screen capture showing the Security Event Properties dialog box on TargetWindows01.
16. Summarize the logon errors and recommend ways to respond to them.
n/a
20. Make a screen capture showing the filtered log file in Notepad.
Part 2: Identify Errors in IIS Logs
9. Make a screen capture showing the IIS errors.
10. Summarize the IIS errors and recommend ways to respond to them.
Refer to your textbook or research the errors on the internet, if necessary.
In IIS Manager, expand the local computer, right-click the starting-point directory of the application you
want to configure, and then click Properties. Click the Directory tab, and then click Configuration. Click the
Options tab. In the Application configuration section, select the Enable parent paths check box.
Part 3: Enable Auditing for IIS Log File Access
8. Make a screen capture showing the updated Audit policy.
36. Make a screen capture showing the event details for the file you modified.
Section 2: Applied Learning
Part 1: Use the Event Viewer to Detect Failed Log-in Attempts
5. Make a screen capture showing the Event Properties for the first Audit Failure with today’s date.
9. Make a screen capture showing the System Event Properties dialog box on TargetWindows02.
Part 2: Identify Errors in IIS Logs
5. Make a screen capture showing the new results of the cmd.exe command.
7. Make a screen capture showing the relevant log entries.
8. Describe the differences between the two log entries.
The difference between log and ln is that log is defined for base 10 and ln is denoted for base e.
For example, log of base 2 is represented as log 2 and log of base e, i.e. log e = ln (natural log)
Part 3: Enable Auditing for VMware Log File Access
9. Make a screen capture showing the event details for the logfile.txt file.
Section 3: Challenge and Analysis
Part 1: Analysis and Discussion
What options are available to prevent brute force authentication attacks in a Windows-based domain?
In your opinion, which of these options - or combination of options - would be most effective?
A brute force login attack is one of the most common (and least subtle) attacks conducted against Web applications. The aim of a brute force attack is to gain access to user accounts by repeatedly trying to guess the password of a user or a group of users. If the Web application does not have any protections in place against this type of attack, it’s possible for automated tools -- which are readily available on the Internet -- to submit thousands of password attempts in a matter of seconds (or less), making it easy for an attacker to beat a password-based authentication system.
Part 2: Tools and Commands
Make a screen capture showing the IIS log that contains these events.
Part 3: Challenge Exercise
Make a screen capture showing the activated Windows Defender firewall.
Make a screen capture showing the blocked IIS home page.