Contents

Introduction

CHAPTER 1 Introduction to Information Security
  Lab 1-1: Security Reports
  Lab 1-2: Compliance Aspects with PCI DSS Framework
  Lab 1-3: Exploring the CIS Framework
  Lab 1-4: Compliance Issues with Gramm-Leach-Bliley Act

CHAPTER 2 Threats, Attacks, and Vulnerabilities
  Lab 2-1: Free Antimalware
  Lab 2-2: Macros and Macro Settings
  Lab 2-3: Weak Configurations
  Lab 2-4: Malicious USB Prevention

CHAPTER 3 Security Evaluation
  Lab 3-1: Explore Threat Intelligence Sources
  Lab 3-2: Vulnerability Scanner
  Lab 3-3: Performance Monitoring
  Lab 3-4: Explore Syslog in Linux
  Lab 3-5: Event Logging in PowerShell

CHAPTER 4 Managing User Security
  Lab 4-1: Local Password Policy
  Lab 4-2: Shares and Permissions
  Lab 4-3: NTFS and Combined NTFS Share Permissions
  Lab 4-4: Configuring Role-Based Access
  Lab 4-5: Auditing File Usage

CHAPTER 5 Physical Security
  Lab 5-1: Security Controls
  Lab 5-2: Implementing Security Controls
  Lab 5-3: Physical Security Recommendations
  Lab 5-4: Viewing and Recovering Deleted Files

CHAPTER 6 Device Security
  Lab 6-1: Windows Services
  Lab 6-2: Secure Workstation Policies
  Lab 6-3: Hardening Windows Device Drivers
  Lab 6-4: Viewing Settings with WinPatrol

CHAPTER 7 Application Development and Security
  Lab 7-1: HTML Web Page and Scripts
  Lab 7-2: Web Server
  Lab 7-3: Input Validation
  Lab 7-4: Relational Tables
  Lab 7-5: SQL Commands
  Lab 7-6: Viewing Memory Leakage