Student LAB 10 2019-Rijan
docx
keyboard_arrow_up
School
Seneca College *
*We aren’t endorsed by this school
Course
OPS335
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
16
Uploaded by downfall07
CNET202 valid from 21F - on
Lab 10 R1.1
LAB 10 CNET202 Rijan Karki-
301291794
Backup and Firewall Configuration
For this lab you need AD_DC
and SRV1
servers.
Part A
1.
On AD_DC,
using Server Manager, click Manage
>
Add Roles and Features
.
2.
In the Add Roles and Features Wizard, click Next
.
3.
On the Select installation type page, click Next
.
4.
On the Select destination server page, click AD_DC.adatum.com
and then click Next
.
5.
Click Next
on the Select server roles screen.
6.
Select Windows Server Backup
and click Next
.
7.
On the Confirm installation selections page, click Install.
8.
When the installation is complete, take a screen shot
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
1
CNET202 valid from 21F - on
Lab 10 R1.1
9.
Click Close
.
Prepare and perform the backup
1.
On SRV1
, open Computer Management from the Tools menu. Select Disk Management, initialize and bring Disk1 on-line. Create a new simple volume and accept all defaults. Take a screen shot showing the formatted volume E:.
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
2
CNET202 valid from 21F - on
Lab 10 R1.1
2.
Navigate to New Volume (E:), rename it to Storage and create a E:\Backup
folder.
3.
Right-click the Backup
folder and choose Properties
.
4.
In the Properties dialog box, click the Sharing
tab.
5.
Click the Advanced Sharing
button.
6.
In the Advanced Sharing dialog box, click to select the Share this folder option.
7.
Click the Permissions
button.
8.
In the Permissions
dialog box, with Everyone
already selected, untick the Full
box. Take a screen shot showing permissions for E:\Backup folder and Add Domain Admin
with Full Permissions.
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
3
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
CNET202 valid from 21F - on
Lab 10 R1.1
9.
Click OK
to close the Permissions dialog box.
10.
Click OK
to close the Advanced Sharing dialog box.
11.
Click Close
to close the Backup Properties dialog box.
12.
In File Explorer, create the E:\Backup\Backup_x
folder. You would normally replace x by the date of backup. X will do for the lab.
13.
On AD_DC
, using Server Manager
, click Tools > Windows Server Backup
.
14.
In the wbadmin
window, click Local Backup
. Just click on Local Backup and ignore messages about Azure etc.
AMZS 2021 Revision 1.1 valid 21F on
4
CNET202 valid from 21F - on
Lab 10 R1.1
15.
In the Actions
panel, click Backup Once
.
16.
When you are prompted to select a Backup option, click Different Options
and then click Next
.
17.
For the backup configuration, click Custom
and then click Next
.
18.
On the Select Items for Backup page, click Add Items
and then expand the C
drive. Click to select the Users and
ProgramData
folders.
Questio
n What is the ProgramData folder used for?
-
Windows Application Files
19.
Click OK
and Next to continue.
20.
On the Specify Destination Type page, click the
Remote shared folder
and then click Next
.
21.
On the Specify Remote Folder dialog box, type the location \\SRV1\Backup\Backup_x
. Click Next
to continue. 22.
On the Confirmation page, click Backup
. AMZS 2021 Revision 1.1 valid 21F on
5
CNET202 valid from 21F - on
Lab 10 R1.1
23.
When the backup is complete, take a screen shot of the Backup Progress window. Paste your screen shot
24
. Click Close
.
25. On SRV1
, open Windows Explorer and expand E:\Backup\Backup_x\... showing the content of Backup followed by the date you performed it. Take a screen shot
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
6
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
CNET202 valid from 21F - on
Lab 10 R1.1
AMZS 2021 Revision 1.1 valid 21F on
7
CNET202 valid from 21F - on
Lab 10 R1.1
Part B: Configure Windows Firewall with Advanced Security
In Windows Server 2019, Windows Firewall is enabled by default. This allows all outgoing traffic to any destination or port, but limits incoming traffic based on specific rules. We’ll cover how to configure Windows Firewall with Advanced Security
by demonstrating how to open it through the GUI followed by a demonstration of how to create a custom firewall rule.
Windows Firewall – Control Panel
Basic Windows firewall settings can be modified through Control Panel by selecting Windows Defender Firewall.
This interface can also be accessed through PowerShell or Command Prompt by entering ‘firewall.cpl’.
1.
On SRV1
, open the Control Panel and click on Windows Defender Firewall.
From here we can graphically view the status of the firewall for the domain, private, and public profiles. These different profiles are used depending on your current network connection. For example, if you’re joined to an Active Directory domain, the rules applied in the domain profile will be used, while if you’re connected to a public wireless network the settings in the public profile will be used.
2.
The Firewall is turned off to avoid potential problems in the previous labs. Click on
Turn Windows Defender Firewall on or off link, in the left pane AMZS 2021 Revision 1.1 valid 21F on
8
CNET202 valid from 21F - on
Lab 10 R1.1
and turn it on for all profiles. Tick both boxes to block all incoming traffic and be notified when the new application is blocked.
Paste your screen shot
3.
To access the advanced settings, select the Advanced Settings
link from the left pane from the Windows Defender Firewall. You can also run wf.msc in either PowerShell or Command Prompt to open the advanced security interface directly.
On this window you can see an overview of the domain, private, and public
profiles, which by default should all be enabled and blocking inbound AMZS 2021 Revision 1.1 valid 21F on
9
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
CNET202 valid from 21F - on
Lab 10 R1.1
traffic and allowing outbound traffic. From the menu on the left you can select either inbound or outbound rules. Connection security rules can also be setup to configure IPSec connections, and monitoring can be used to log various firewall events. Under inbound and outbound rules, you can view the rules that exist and that are currently enabled. These rules are available by default, rules with a green tick icon on the left are enabled and will allow traffic in while rules with no icon are disabled.
A rule that is disabled can be enabled by simply right clicking it and selecting enable. Likewise, you can right click an enabled rule and change it to disabled. We
can also view the properties of the rule by right clicking it and selecting properties.
4.
Open Outbound Rules
, select the properties of one of them and examine all
the tabs and settings. Take a screenshot.
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
10
CNET202 valid from 21F - on
Lab 10 R1.1
Create a Firewall Rule
1.
Select Inbound Rules
from the menu on the left and then select New Rule
from the Actions
pane on the right. This will open the new inbound rule wizard. From here you can select if we want to create a rule for a specific program, to a specific port, or based on an existing rule. Select Custom
as this gives you the most choice.
AMZS 2021 Revision 1.1 valid 21F on
11
CNET202 valid from 21F - on
Lab 10 R1.1
2.
On the next screen select all programs. You can select the specific program or service for which the traffic will be permitted.
3.
Click Next and select TCP as Protocol and port 9000 that the rule should apply
to. There are many different protocols to select from in the drop down. Port 9000 is available locally on this server and listening for connections. Take a screen shot.
Pate your screen shot
AMZS 2021 Revision 1.1 valid 21F on
12
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
CNET202 valid from 21F - on
Lab 10 R1.1
4.
On the next screen, permit all local IP addresses and restrict the remote IP range to 192.168.10.0/24. Take a screen shot. Slash notation is used rather than subnet mask.
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
13
CNET202 valid from 21F - on
Lab 10 R1.1
5.
On the next screen leave Allow the connection. You could also optionally only allow the connection if it’s secure, which relies on IPSec being configured.
6.
On the next screen click next thus applying the rule to all profiles. 7.
Finally, give it the name PermitTCP9000. As soon as the new rule configursation is finished the rule is set and active. Take a screen shot showing the new rule in the inbound firewall rules.
Paste your screen shot
AMZS 2021 Revision 1.1 valid 21F on
14
CNET202 valid from 21F - on
Lab 10 R1.1
AMZS 2021 Revision 1.1 valid 21F on
15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
CNET202 valid from 21F - on
Lab 10 R1.1
END of lab 10. Submit this document for marking to e.cent drop box.
AMZS 2021 Revision 1.1 valid 21F on
16