MN502 Laboratory 7 Manual: Administering A Secure Network Assessment Answer

pages Pages: 4word Words: 890

Question :

MN502 Network Security

Laboratory 7 Manual: Administering a Secure Network                                                                                                                                                                                                               

Description of the laboratory exercise:

In this laboratory, you will conduct two exercises on how to administer a secure network. 

  • In the first experiment, you will use an Application Sandbox 
  • In the second experiment, you will view logs on a Microsoft Windows computer.
  • In the third experiment, you will create a Custom View in Microsoft Windows Event Viewer.

Pre-work:

  1. Launch Virtual Box
  2. Launch your Win8.1 VM
  3. Do all your exercises in the VM 

Exercise oneUsing an Application Sandbox 

A sandbox isolates a program in order to prevent malware from permanently infecting a computer. In this project, you will download and use an application sandbox. This kind of utility can be used for securing your systems while checking, downloading or experimenting with new softwares.

  1. Use your web browser to go to  www.sandboxie.com 
  2.  Click Download Now
  3. Click the Sandboxie icon to download the Sandboxie. 
  4. Install the application  SandboxieInstall.exe  by accepting the default set- tings. Click OK in the Software Compatibility dialog box.
  5. Read the Getting Started Tutorial – Sandbox by clicking Next on each screen and click Finish. 
  6. Right-click Sandbox DefaultBox in Sandboxie. 
  7. Click Run Sandboxed
  8. Click Run Web Browser
  9. Your default web browser will launch in a sandboxed environment. 
  10. If necessary, maximize your web browser. 
  11. Move your mouse pointer to the top edge of the web browser window. Notice that a yellow border appears around the window indicating it is sandboxed. 
  12. Use your web browser to navigate to several websites that you commonly use. Does the sandbox slow down the web browser? 
  13. Close your web browser. 
  14. Now configure Sandboxie to sandbox a different application. Return to the Sandbox DefaultBox. 
  15. Right-click Sandbox DefaultBox in Sandboxie. 
  16. Click Run Sandboxed
  17. Click Run Any Program. 
  18. When the [#] Run Sandboxed – DefaultBox [#] appears, enter Notepad and click OK.
  19. Notepad will now launch in the sandbox. Move your mouse cursor over the window and note that it displays a yellow border. 
  20. Close Notepad. 
  21. Close all windows. 

Exercise TwoViewing Logs Using the Microsoft Windows Event Viewer 

In this exercise, you will view logs on a Microsoft Windows computer.  

  1. Launch Event Viewer by clicking Start and then type Administrative Tools in the Search programs and files box. 
  2. Click the Administrative Tools folder and then double-click Event Viewer
  3. The Event Viewer opens to the Overview and Summary page that dis- plays all events from all Windows logs on the system. The total number of events for each type that have occurred is displayed along with the number of events of each type that have occurred over the last seven days, the last 24 hours, or the last hour. Click the + (plus) sign under each type of event in the Summary of Administrative Events to view events that have occurred on this system. 
  4. Select a specific event and then double-click it to display detailed information on the event. Is this information in a format that a custodian could use when examining a system? Is it in a format that an end-user would find helpful? 
  5. When finished, click the Back arrow to return to the Overview and Summary page. 
  6. In the left pane under Event Viewer (Local), double-click Windows Logs to display the default generated logs, if necessary. 
  7. Double-click Security
  8. Select a specific event and then double-click it to display detailed information on the event. When finished, click Close and the Back arrow to return to the Overview and Summary page. 
  9. In the left pane under Event Viewer (Local), double-click Applications and Services Logs to display the default generated logs, if necessary. 
  10. Select a specific event and double-click it to display detailed information on the event. When finished, click Close and then double-click Event Viewer (Local) in the left pane. Leave this window open for the next exercise. 

Exercise ThreeCreating a Custom View in Microsoft Windows Event Viewer 

Microsoft Windows Event Viewer also can be used to create custom logs and collect copies of events from different systems. In this exercise, you will use the Event Viewer to create a custom log. 

  1. If necessary, launch Event Viewer by clicking Start and then typing Administrative Tools in the Search programs and files box. Click the Administrative Tools folder and then double-click Event Viewer
  2. In the right pane entitled Actions, click Create Custom View
  3. Under Logged click the drop-down arrow next to Any time. Several options appear of times to log the events. Click Custom range and note that you can create a specific time period to log these events. Click Cancel and be sure the Logged setting is Any time in order to capture all events. 
  4. Under Event level, check each box (Critical, Error, Warning, Information, Verbose) in order to capture all levels of events. 
  5. Under By source, click the radio button if necessary and then click the drop-down arrow next to Event sources. Scroll through the list of sources that can be used to create a log entry. 
  6. For this custom view, instead of selecting specific sources, you will use log entries collected from default logs. Under By log, click the radio but- ton if necessary and then click the drop-down arrow next to Event logs
  7. Click the + (plus) sign by Windows Logs and also Applications and Services Logs. Any of these logs can be used as input into your custom logs. Click the box next to Windows Logs to select all of the available Windows logs. 
  8. You also can include or exclude specific events. Be sure that is selected. 
  9. Next to Keywords select Classic
  10. Next to User be sure that is selected so that any user who logs in to this system will have log entries created. 
  11. Your completed dialog box will look like that shown in Figure 8-10. Click OK. If an Event Viewer dialog box appears, click Yes
  12. In the Save Filter to Custom View dialog box, next to Name, enter All Events
  13. Next to Description, enter All Events. Click OK
  14. In the left pane under Event Viewer (Local), double-click Custom Views if necessary to display the custom view. Display your view by clicking on it. 
  15. Close Event Viewer and all windows. 
  16. Reboot the system. 
  17. If necessary, launch Event Viewer by clicking Start and then typing Administrative Tools in the Search programs and files box. Click the Administrative Tools folder and then double-click Event Viewer.
  18. In the left pane under Event Viewer (Local), double-click Custom Views if necessary to display the custom views. Display your view by clicking it. What new events have occurred? 
  19. Close all window.


custom view dialog box

Show More

Answer :

For solution, connect with our online Professionals.