CIS230_2.3_Windows System Hardening_Lab

docx

School

ECPI University, Greensboro *

*We aren’t endorsed by this school

Course

230

Subject

Information Systems

Date

Nov 24, 2024

Type

docx

Pages

6

Uploaded by corada5995

Report
Task Summary Required Actions v Give updates for other MS products when Windows is updated v Choose when updates are installed Hide Details Feature update deferral: 60 days [+ Quality update deferral: 30 days v Configure Windows to automatically download the manufactures' apps and custom icons Explanation Complete this lab as follows: 1. Configure the Windows Update settings. a. Right-click Start and then select Settings. b. Select Update & Security. c. From the right pane, select Advanced options. d. Under Update Options, turn on Receive updates for other Microsoft products when you update Windows by sliding the switch to On. e. Under Choose when updates are installed, configure each option as follows: = A feature update includes new capabilities and improvements. It can be deferred for 60 days. = A quality update includes security improvements. It can be deferred for this many days: 30 f. Close the Settings window. 2. Configure Windows to automatically download the manufacture's apps and custom icons. a. In the search field on the Windows taskbar, type Control. b. From Best match, select Control Panel. c. Select System and Security. d. Select System. e. From the left pane, select Advanced system settings. f. Select the Hardware tab. g. Select Device Installation Settings. h. Select Yes and then select Save Changes. i. Select OK.
Task Summary Required Actions v/ Turn Windows Firewall on v Allow Key Management Service through the Public firewall only Hide Details Public Allowed k3 Domain Denied Priviate Denied v Allow the Arch98 program through the Public firewall only ~ Hide Details Public Allowed Domain Denied Priviate Denied v Allow the Apconf program through the Public firewall only Hide Details Public Allowed k3 Domain Denied k3 Priviate Denied Explanation To complete this lab, you need to allow the following service and programs through the firewall for the Public network profile only: * A service named Key Management Service * An application named Arch98 « An application named Apconf Explanation To complete this lab, you need to allow the following service and programs through the firewall for the Public network profile only: = A service named Key Management Service = An application named Arch98 = An application named Apconf (i: Leave all other existing apps and features as they are. Complete this lab as follows: 1. Access the Windows Firewall settings. a. Right-click Start and then select Settings. b. Select Network & Internet. c. From the right pane, scroll down and select Windows Firewall. 2. From the Firewall & network protection dialog, under Public network, select Turn on. 3. Allow applications to communicate through the firewall for the Public network only. a. Select Allow an app through firewall. b. Select Change settings. c. For Key Management Service, clear Domain and Private, and then select Public. d. Select Allow another app to configure an exception for an application not currently allowed through the firewall. e. Select the application from the list and then select Add. f. For the newly added application, clear Domain and Private, and then select Public. g. Repeat steps 3d - 3f for the remaining application. 4. Select OK.
Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? (Select two.) = WSUS Security Configuration and Analysis = Group Policy Security Templates Which of the following describes a configuration baseline? The minimum services required for a server to function A list of common security settings that a group or all devices share A collection of security settings that can be automatically applied to a device A set of performance statistics that identifies normal operating performance What should you consider security baselines? Suggestion Unchangeable = Dynamic Static
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
By definition, what is the process of reducing security exposure and tightening security controls? Passive reconnaissance = Hardening Active scanning Social engineering Which of the following is the strongest form of multi-factor authentication? A password and a biometric scan A password, a biometric scan, and a token device Two passwords Two-factor authentication You have recently experienced a security incident with one of your servers. After some research, you determine that a new hotfix has recently been released, which would have protected the server. Which of the following recommendations should you follow when applying the hotfix? Apply the hotfix immediately to all servers. Test the hotfix and then apply it to the server that had the problem. = Test the hotfix and then apply it to all servers. Apply the hotfix immediately to the server. Apply the hotfix to other devices only as the security threat manifests itself.
Which of the following actions should you take to reduce the attack surface of a server? Disable unused services. Install anti-malware software. Install a host-based IDS. Install the latest patches and hotfixes. Which of the following do security templates allow you to do? (Select two.) Fix a specific software problem Apply new software patches Block malicious websites = Quickly apply settings to multiple computers Configure consistent security settings between devices You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Select two.) Remove any backdoors. = Change default account passwords. Conduct privilege escalation. Implement separation of duties. = Apply all patches and updates.
Which of the following is defined as an operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation (CC)?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

finalcriticalinfrastructurecoco.docx
Importance Of Information Objective Planning Objectives (1).docx
ttcyftxycf (147)-21.pdf
Week 3 Discussion 1.docx
_wgu_course_c838___managing_cloud_security_exam-150.pdf
Certificate of Competence in Zero Trust (CCZT) Exam Questions.pdf
_wgu_course_c838___managing_cloud_security_exam-87.pdf
prblem wk 10.docx
Chapter6.pdf
attachment_1 - 2023-09-23T205822.336 (1).docx
Discussion Threat.edited (1).doc
WGU C838 (11).pdf