Lab 7 - Info Sec

Overview:
Anytime a user attempts to access a network, the server logs the attempt. In this lab, you first used the Windows Event Viewer utility to search for failed logon attempts, which could indicate a possible intrusion by an unauthorized user. You also generated your own errors by attacking the Windows 2008 server and then reviewed the Internet Information Services (IIS) logs to find those errors. Finally, you documented your findings and recommended remediation steps.

Lab Assessment Questions & Answers:
1. What services were attacked on the IIS server?
2. How many failed logons were detected?
3. Specify the date/timestamps when monitoring started and when the attacks occurred.
4. What options are available to prevent brute force authentication attacks in a Windows-based domain?
5. What is an insider attack?
6. If the attacks for this lab were coming from an internal IP, would you allow the attack to continue to investigate further or stop the attack?
7. With the information provided in this lab, what steps would you take to prevent a reoccurrence of an external attack?
8. What is a best practice to deter insiders from even thinking about executing an attack?