Question 1. [Pg. 242]
1. [Challenge exercise 9.1.] Windows vulnerability (Passwords)
One of windows vulnerabilities is that user accounts may have weak, nonexistent or unprotected passwords. The operating system and some third-party applications may create accounts with weak or nonexistent passwords. This in turn causes data to be vulnerable and with respect to user data it could be very damaging to a user’s organization if data is lost or removed without warning by an attacker.
Also the connection of these systems to a shared network or perhaps the internet in the scenario of a business organization leaves the system vulnerable to an attacker.
With respect to the data that is ...view middle of the document...
This mode is also based on policy which include of shielding sensitive data, enforcing controls, and reporting and auditing to ensure policy compliance.
Question 2. [Pg. 271]
With reference to the question this are verifiable links
From the information gathered from all three websites, some items were compiled as security checklist and they are as follows in the table below;
The table consists of the information gathered on the security checklist in windows and also the measures to be taken upon a security check. The ‘implication’ column describes what could occur once the item is not addressed
CHECK LIST | PROCEDURE | DESCRIPTION | REMARKS |
Physical Security Procedures | 1. Keep systems in a secure office or preferably a dedicated room. 2. Network storage should be used if affordable and justifiable. | 1. No-one but system administrators should have direct access to your servers. Dedicated server rooms are generally necessary for larger infrastructures for proper air conditioned environments. 2. Network storage is normally highly redundant (RAID hot swap, multiple power supplies etc.) and with a sensible authentication infrastructure (ie. 2 or more servers capable of providing authentication) you will be able to maintain high availability of data. | 1. The computer system could get stolen or possible be damaged if not kept in a secure place 2. If not addressed the data stored will be |
Operating System Procedures | 1. Apply the latest post-service pack hotfixes 2. Logoff all Servers when you have finished using them (do not use Lock Workstation) | 1. Hotfixes address security issues - Currently Microsoft release these on the second Tuesday of every month and can also release additional emergency patches. There are very few reasons to not update your systems. 2. Reduce exploits which rely on Administrator being logged in | 1. System would be vulnerable to that bug if update is not executed 2. Users can perform administrator operations |
Account Related Procedures | 1. Make Administrative passwords very complex and minimum length 14 | 1. Repels dictionary attacks and makes brute force attacks difficult | 1. The users system will be compromised |
Set User Right Policies | 1. Force Shutdown from a Remote System - Administrators/Server Operators only | 1. No user needs this right | 1. Else the entire system will be compromised and any user at any point in time could interrupt system activity |
File System Procedures | 1. Format all volumes as NTFS | 1. You can only set file system permissions on NTFS volumes, FAT systems have no security. | 1. If not addressed file system permission set otherwise will not be...