CSIA 310: Cybersecurity Processes & Technologies
Lab #1: Develop System Administration Procedures for Windows 8.1 Security Configuration
Purpose: Develop systems administration procedures to implement systems security configuration
guidance and best practices.
Objectives
1. Develop a Windows system restore point systems administration procedure to implement an
industry recognized best practice for maintaining system integrity and availability.
2. Develop a Windows system administration procedure to manage programs and features.
3. Develop a systems administration procedure to implement configuration rules from systems
security technical guidance issued by a vendor or government organization.
Overview
In this lab, our focus is upon developing a set of procedures which can be incorporated into an
organization’s security implementation guidance and documentation. For each procedure, you will
develop, test, and document the steps required to implement the selected best practices and security
configuration guidance (as provided in the lab instructions and notes). You will write three separate
procedures for this lab:
(a) Creating, Using, Removing System Restore Points for Windows 8.1
(b) Managing Windows 8.1 Programs and Features
(c) Implementing Security Configuration Rules for Windows 8.1
Each procedure will have the following major sections (see Figure 1):
Title:
Operating Environment:
Description:
Notes, Warnings, & Restrictions:
Resources (Further Reading):
Procedures:
Some procedures will contain a large number of steps. To make the procedures easier to read,
you should divide your procedures into groups of related steps. Place a group heading (e.g. Create
System Restore Points) at the beginning of each group. Each group heading should be followed by a brief
paragraph that explains the purpose of the group (e.g. This group (or “section”) contains step by step
instructions for creating System Restore Points using the “System Restore” tool….)
Copyright ©2016 by University of Maryland University College. All Rights Reserved
Title:
Operating Environment:
1. Hardware
2. Software
Description:
Notes, Warnings, & Restrictions:
Resources (Further Reading):
1.
2.
3.
Procedures:
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
[Group Heading]
Brief introduction paragraph for this group of steps
1.
2.
3.
Figure 1. Required Outline for System Administration Procedures
Instructions
Part (a): Implementing System Restore Points
1. Investigate the System Restore tool (used to manage system restore points). To access the
tool, open the System tool from Control Panel (Control Panel > System and Security >
System). Then, click on System Protection (left menu).
2. Identify appropriate sources of information (e.g. Windows Help, Microsoft Technet, etc.) for
instructions for using the Windows 8.1 System Restore Point capability. Using those sources,
research the procedures required to perform the following tasks:
a. Create a system restore point for a Windows 8.1 system
b. Use a system restore point to roll-back changes made to a Windows 8.1 system
c. Remove system restore points from a Windows 8.1 system (some and all)
Note: you will not be able to do the full rollback (item 2(b)) in the VDA due to security restrictions. Your
procedure should contain these steps, however. Use the Microsoft “System Restore” documentation to
obtain the required information about what happens after the system restart for the rollback. You do not
need to provide an “after” snapshot for this step.
3. Paste the procedure outline (Figure 1) into your Lab #1 file. Make sure that you insert a page
break so that the “Title” heading appears at the top of a new page.
4. Using the required outline, develop a systems administration procedure which can be used
to perform tasks related to item #1 (management and use of system restore points).
5. Test your draft procedures using the virtual machine provided in the online lab environment
(UMUC’s VDA). Do NOT use your personal computer or a work computer.
6. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.
(Use the snipping tool on your local PC to snapshot portions of the VDA browser or client
window.) Insert these snapshots at the appropriate points in your procedure. The snapshots
must show the procedures as run in the VDA environment.
Part (b): Managing Programs and Features for Windows 8.1
1. Investigate the Programs and Features tool (used to manage installed programs and optional
features / capabilities). To access the tool, open Programs and Features from the Windows
Control Panel.
2. Identify appropriate sources of information (e.g. Windows Help, Microsoft Technet, etc.) for
instructions for using the Programs and Features tool. Using those sources, research the
procedures required to perform the following tasks:
a. Turn Windows Features On or Off
b. Modify, Repair, or Uninstall a program from a Windows 8.1 system
c. Select and Install Updates for Windows and Windows Applications, Find an installed
Update, Remove an installed update
3. Paste a second blank copy of the procedure outline (from Figure 1) at the end of your Lab #1
file. Make sure that you insert a page break before you paste to ensure the “Title” heading
appears at the top of a new page.
4. Using the required outline, develop a systems administration procedure which can be used
to perform tasks related to item #2. Provide examples for each of the required tasks. (Select
a specific feature, program, or update and use that as an example in your procedure.)
5. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.
(Use the snipping tool on your local PC to snapshot portions of the VDA browser or client
window.) Insert these snapshots at the appropriate points in your procedure. The snapshots
must show the procedures as run in the VDA environment.
Part (c): Implementing Security Configuration Rules Using the Local Group Policy Editor
Note: you are NOT implementing the DISA / DoD STIG in this section. You are implementing a set of
security configuration rules that your “company” has selected from industry accepted sources.
1. Investigate the Local Group Policy Editor tool (Windows Key + R then type gpedit.msc). Pay
particular attention to the menu tree in the left hand pane (expand and review the
categories of settings which can be changed using this tool).
2. Research the security configuration rules listed in Table 1. These rules were developed from
the Department of Defense Security Technical Implementation Guidance for Windows 8.1.
3. When you are ready to begin writing your procedure, paste a blank copy of the procedure
outline (from Figure 1) at the end of your Lab #1 file. Make sure that you insert a page break
before you paste to ensure the “Title” heading appears at the top of a new page.
4. Determine how you will group related security configuration rules. Each group will need a
“section heading” (see Figure 1) and introductory paragraph (2-3 sentences) which explains
the purpose of the group.
5. Next, develop a step by step procedure for each group of rules. See the “Suggested
Procedure Group” column in Table 1 for suggested categories. Your groupings should allow
for inclusion of additional, related rules at a later date. (For example, there are two “energy
saving” rules in the table; an organization may wish to add additional rules to this category
at some point in the future.)
6. For each group of rules, develop step-by-step written procedures for systems administrators.
Your written procedures must implement the “remediation” guidance as listed in Table 1.
7. Test your procedures by running them in the VDA. As you run your tests, collect screen
snapshots to illustrate key steps in your procedures. (Use the snipping tool on your local PC
to snapshot portions of the VDA browser or client window.) Insert these snapshots at the
appropriate points in your procedure. The snapshots must show the procedures as run in the
VDA environment.
8. Incorporate your screen snapshots for key steps into the draft procedures. Each snapshot
should be placed UNDER (after) the step to which it applies. Captions are not required.
9. Make any additional changes required to address issues found during testing of the
step-by-step procedures.
Finalize Your Deliverable
1. Using the grading rubric as a guide, refine your step-by-step procedures. Your final products
should be suitable for inclusion in an organization’s Systems Administrator’s Handbook.
Remember that you are preparing multiple system administration procedures which must be
presented separately.
2. As appropriate, cite your sources using footnotes or another appropriate citation style.
3. Use the resources section to provide information about recommended readings and any
sources that you cite. Use a standard bibliographic format (you may wish to use APA since
this is required in other CSIA courses). Information about sources and recommended
readings, including in-text citations, should be formatted consistently and professionally.
4. Each procedure document should be placed in the listed order in a SINGLE FILE (see
deliverables list above). Each file should start with a title page which lists the following
information: Lab Title and Number, Procedure Name, Date, Your Name
5. The CSIA 310 Template for Lab Deliverable.docx file is set up to provide the required title
page and three lab procedure templates.
Additional Requirements for this Lab
1. Your target audience for these procedures will be Windows 8/8.1 SYSTEM ADMINISTRATORS. Do
not write procedures for home users or individuals using their own computers.
2. Your step-by-step procedures should tell the System Administrator where to find and how to
launch the systems administration tools used to change security configuration settings for the
Windows 8.1 operating system.
3. It is not necessary to specify every step that a system administrator must take to implement the
security rules. But, you must address each security configuration rule separately and include
enough detail that your reader will understand how to perform the required steps to implement
the security configuration changes.
4. Use screen snapshots to cue the reader to important steps or provide information required to
complete check points for proper completion of a step or set of steps (e.g. including a snapshot
which shows the “after” state for a group of security settings).
5. Make sure that your snapshots will enhance the reader’s understanding of the procedure and
required configuration changes. Too many snapshots or illustrations can make a procedure
difficult to use.
6. All snapshots must be created by you for this lab using screen captures showing how you
personally performed (tested) the systems administration procedure as written by you. You may
not copy and paste images from help pages, manuals, or the Internet.
7. Images (screen snapshots) should be cropped and sized appropriately.
8. A screen snapshot belonging to a specific procedure step does not require a caption.
9. Make sure that the sources you cite or recommend (additional reading) are authoritative and are
the best ones available.
10. Your Operating Environment section should identify the hardware, operating system, and/or
software applications to which the procedure applies. For this lab, your procedures will apply to:
a. Hardware: Laptop or Desktop Computers
b. Operating System: Windows 8.1 Professional
11. Your Notes, Warnings & Restrictions section should include important information that is not
found elsewhere in the procedures document. For example, this section could include
information about alternatives to the selected security configuration settings. Or, this section
could include information about related security procedures or policies. If this procedure
implements controls relevant to an external security requirement, e.g. the HIPAA Security Rule,
then that information should be included in the notes section. Consult the Windows 8.1 STIG to
see what types of information you may need to include in your document. This section should
also include important information about harm or risk that could occur if the procedure is not
correctly followed or implemented.
12. The procedures that you write for this lab will become part of the final project for this course
(System Administration Manual). Table 1 begins on the next page.
Table 1. Required Security Configuration Rules

Rule ID: SV-48022r1_rule
Rule: The required legal notice must be configured to display before console logon.
Vulnerability Discussion: Failure to display the logon banner prior to a logon attempt will negate legal
proceedings resulting from unauthorized access to system resources.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive Logon: Message text
for users attempting to log on" to the [banner text]. Note: see STIG for DoD Warning Notice.
In the registry, make sure that you have configured the "LegalNoticeText" value for key:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Suggested Procedure Group: Banner

Rule ID: SV-48049r1_rule
Rule: The Ctrl+Alt+Del security attention sequence for logons must be enabled.
Vulnerability Discussion: Disabling the Ctrl+Alt+Del security attention sequence can compromise system
security. Because only Windows responds to the Ctrl+Alt+Del security sequence, you can be
assured that any passwords you enter following that sequence are sent only to Windows. If you
eliminate the sequence requirement, malicious programs can request and receive your Windows
password. Disabling this sequence also suppresses a custom logon banner.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive Logon: Do not require
CTRL+ALT+DEL" to "Disabled".
Suggested Procedure Group: Banner

Rule ID: SV-48510r1_rule
Rule: The Windows dialog box title for the legal banner must be configured.
Vulnerability Discussion: Failure to display the logon banner prior to a logon attempt will negate legal
proceedings resulting from unauthorized access to system resources.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive Logon: Message title
for users attempting to log on" to a site-defined warning. In the registry, make sure that you
have configured the "LegalNoticeCaption" value for key:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Suggested Procedure Group: Banner

Rule ID: SV-48313r2_rule
Rule: The display must turn off after 20 minutes of inactivity when the system is running on battery.
Vulnerability Discussion: Turning off an inactive display supports energy saving initiatives. It may also
extend availability on systems running on a battery.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Power Management -> Video and Display Settings -> "Turn Off the Display (On
Battery)" to "Enabled" with "1200" seconds or less.
Suggested Procedure Group: Energy Saving

Rule ID: SV-48314r2_rule
Rule: The display must turn off after 20 minutes of inactivity when the system is plugged in.
Vulnerability Discussion: Turning off an inactive display supports energy saving initiatives.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Power Management -> Video and Display Settings -> "Turn Off the Display
(Plugged In)" to "Enabled" with "1200" seconds or less.
Suggested Procedure Group: Energy Saving

Rule ID: SV-48051r1_rule
Rule: The Smart Card removal option must be configured to Force Logoff or Lock Workstation.
Vulnerability Discussion: Unattended systems are susceptible to unauthorized use and must be locked.
Configuring a system to lock when a smart card is removed will ensure the system is
inaccessible when unattended.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive logon: Smart card
removal behavior" to "Lock Workstation" or "Force Logoff".
Suggested Procedure Group: Lock Screen

Rule ID: SV-48310r2_rule
Rule: App notifications on the lock screen must be turned off.
Vulnerability Discussion: App notifications that are displayed on the lock screen could display sensitive
information to unauthorized personnel. Turning off this feature will limit access to the
information to a logged on user.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Logon -> "Turn off app notifications on the lock screen" to "Enabled".
Suggested Procedure Group: Lock Screen

Rule ID: SV-55990r2_rule
Rule: Camera access from the lock screen must be disabled. (Windows 8.1)
Vulnerability Discussion: Enabling camera access from the lock screen could allow for unauthorized use.
Requiring logon will ensure the device is only used by authorized personnel.
Remediation: This requirement is NA for the initial release of Windows 8. It is applicable to
Windows 8.1. If the device does not have a camera, this is NA. Configure the policy value for
Computer Configuration -> Administrative Templates -> Control Panel -> Personalization ->
"Prevent enabling lock screen camera" to "Enabled".
Suggested Procedure Group: Lock Screen

Rule ID: SV-55991r2_rule
Rule: The display of slide shows on the lock screen must be disabled. (Windows 8.1)
Vulnerability Discussion: Slide shows that are displayed on the lock screen could display sensitive
information to unauthorized personnel. Turning off this feature will limit access to the
information to a logged on user.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
Control Panel -> Personalization -> "Prevent enabling lock screen slide show" to "Enabled".
This requirement is NA for the initial release of Windows 8. It is applicable to Windows 8.1.
Suggested Procedure Group: Lock Screen

Rule ID: SV-48018r1_rule
Rule: The shutdown option must be available from the logon dialog box.
Vulnerability Discussion: Preventing display of the shutdown button in the logon dialog box may
encourage a hard shut down with the power button. (However, displaying the shutdown button
may allow individuals to shut down a system anonymously.)
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Shutdown: Allow system to be
shutdown without having to log on" to "Enabled".
Suggested Procedure Group: Logon Screen

Rule ID: SV-48164r1_rule
Rule: The system must be configured to prevent the display of the last username on the logon screen.
Vulnerability Discussion: Displaying the username of the last logged on user provides half of the
userid/password equation that an unauthorized person would need to gain access. The username
of the last user to log onto a system must not be displayed.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive logon: Do not display
last user name" to "Enabled".
Suggested Procedure Group: Logon Screen

Rule ID: SV-48228r2_rule
Rule: The classic logon screen must be required for user logons.
Vulnerability Discussion: The classic logon screen requires users to enter a logon name and password
to access a system. The simple logon screen or Welcome screen displays usernames for
selection, providing part of the necessary logon information.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Logon -> "Always use classic logon" to "Enabled". If the system is a member of a
domain, this is NA.
Suggested Procedure Group: Logon Screen

Rule ID: SV-48244r2_rule
Rule: Users must be prompted for a password on resume from sleep (on battery).
Vulnerability Discussion: Authentication must always be required when accessing a system. This setting
ensures the user is prompted for a password on resume from sleep (on battery).
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Power Management -> Sleep Settings -> "Require a password when a computer wakes
(on battery)" to "Enabled".
Suggested Procedure Group: Logon Screen

Rule ID: SV-48245r2_rule
Rule: The user must be prompted for a password on resume from sleep (plugged in).
Vulnerability Discussion: Authentication must always be required when accessing a system. This setting
ensures the user is prompted for a password on resume from sleep (plugged in).
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Power Management -> Sleep Settings -> "Require a password when a computer wakes
(plugged in)" to "Enabled".
Suggested Procedure Group: Logon Screen

Rule ID: SV-48460r2_rule
Rule: The machine inactivity limit must be set to 15 minutes, locking the system with the screensaver.
Vulnerability Discussion: Unattended systems are susceptible to unauthorized use and should be locked
when unattended. The screen saver should be set at a maximum of 15 minutes and be password
protected. This protects critical and sensitive data from exposure to unauthorized personnel
with physical access to the computer.
Remediation: Configure the policy value for Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Security Options -> "Interactive logon: Machine
inactivity limit" to "900" seconds.
Suggested Procedure Group: Logon Screen

Rule ID: SV-55993r2_rule
Rule: The network selection user interface (UI) must not be displayed on the logon screen. (Windows 8.1)
Vulnerability Discussion: Enabling interaction with the network selection UI allows users to change
connections to available networks without signing into Windows.
Remediation: Configure the policy value for Computer Configuration -> Administrative Templates ->
System -> Logon -> "Do not display network selection UI" to "Enabled".
Suggested Procedure Group: Logon Screen

Rule ID: SV-48465r2_rule
Rule: Notifications from Windows Push Network Service must be turned off.
Vulnerability Discussion: The Windows Push Notification Service (WNS) allows third-party vendors to
send updates for toasts, tiles, and badges.
Remediation: Configure the policy value for User Configuration -> Administrative Templates ->
Start Menu and Taskbar -> Notifications -> "Turn off notifications network usage" to "Enabled".

Rule ID: SV-48464r2_rule
Rule: Toast notifications to the lock screen must be turned off.
Vulnerability Discussion: Toast notifications that are displayed on the lock screen could display
sensitive information to unauthorized personnel. Turning off this feature will limit access to
the information to a logged on user.
Remediation: Configure the policy value for User Configuration -> Administrative Templates ->
Start Menu and Taskbar -> Notifications -> "Turn off toast notifications on the lock screen"
to "Enabled".
Suggested Procedure Group: Notifications

Rule ID: SV-48240r2_rule
Rule: A system restore point must be created when a new device driver is installed.
Vulnerability Discussion: A system restore point allows a rollback if an issue is encountered when a
new device driver is installed.
Remediation: Configure the policy value for...

Rule ID: SV-48273r2_rule
Rule: A screen saver must be enabled on the system.
Vulnerability Discussion: Unattended systems are susceptible to unauthorized use and must be locked
when unattended. Enabling a password-protected screen saver to engage after a specified period
of time helps protect critical and sensitive data from exposure to unauthorized personnel with
physical access to the computer.

Rule ID: SV-48274r2_rule
Rule: The screen saver must be password protected.
Vulnerability Discussion: Unattended systems are susceptible to unauthorized use and must be locked
when unattended. Enabling a password-protected screen saver to engage after a specified period
of time helps protect critical and sensitive data from exposure to unauthorized personnel with
physical access to the computer.
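
Added example (not part of the original lab handout): a read-only PowerShell check that an administrator can run after applying the Security Options rules from Table 1 to confirm the registry reflects them. Only the "LegalNoticeText" and "LegalNoticeCaption" values and their Winlogon key come from Table 1; the Policies\System path and the value names DisableCAD, DontDisplayLastUserName, InactivityTimeoutSecs, ShutdownWithoutLogon and scremoveoption are assumptions about where Windows stores the matching settings.

```powershell
# Read-only audit of registry values behind several Table 1 Security Options rules.
# Nothing is written; a value that does not exist is reported as NotConfigured.

# Key named in Table 1 for the legal banner values.
$Winlogon  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
# Assumption: location of the other Security Options values (not stated in the handout).
$PolSystem = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

$NonEmpty = { param($v) -not [string]::IsNullOrWhiteSpace([string]$v) }

$Checks = @(
    @{ Rule = 'SV-48022r1_rule'; Path = $Winlogon;  Name = 'LegalNoticeText'
       Want = 'non-empty banner text';   Test = $NonEmpty },
    @{ Rule = 'SV-48510r1_rule'; Path = $Winlogon;  Name = 'LegalNoticeCaption'
       Want = 'non-empty banner title';  Test = $NonEmpty },
    @{ Rule = 'SV-48049r1_rule'; Path = $PolSystem; Name = 'DisableCAD'
       Want = '0 (Ctrl+Alt+Del required)'; Test = { param($v) $v -eq 0 } },
    @{ Rule = 'SV-48164r1_rule'; Path = $PolSystem; Name = 'DontDisplayLastUserName'
       Want = '1 (last user name hidden)'; Test = { param($v) $v -eq 1 } },
    @{ Rule = 'SV-48460r2_rule'; Path = $PolSystem; Name = 'InactivityTimeoutSecs'
       Want = '1 to 900 seconds';        Test = { param($v) $v -gt 0 -and $v -le 900 } },
    @{ Rule = 'SV-48018r1_rule'; Path = $PolSystem; Name = 'ShutdownWithoutLogon'
       Want = '1 (shutdown button shown)'; Test = { param($v) $v -eq 1 } },
    @{ Rule = 'SV-48051r1_rule'; Path = $Winlogon;  Name = 'scremoveoption'
       Want = '1 (Lock Workstation) or 2 (Force Logoff)'
       Test = { param($v) @('1', '2') -contains [string]$v } }
)

function Test-RegistryRule {
    param([hashtable]$Check)

    # Get-ItemProperty returns $null (with the error suppressed) when the key
    # or the named value is missing, which is different from a wrong value.
    $item = Get-ItemProperty -Path $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        $value  = $null
        $status = 'NotConfigured'
    }
    else {
        $value  = $item.($Check.Name)
        $test   = $Check.Test
        $status = if (& $test $value) { 'Pass' } else { 'Fail' }
    }

    [pscustomobject]@{
        Rule     = $Check.Rule
        Value    = $Check.Name
        Current  = $value
        Expected = $Check.Want
        Status   = $status
    }
}

# One result row per rule; suitable for the "after" state check in a procedure.
$Checks | ForEach-Object { Test-RegistryRule $_ } | Format-Table -AutoSize -Wrap
```

Run it from an elevated PowerShell prompt after running gpupdate /force; a NotConfigured row means the setting has not been applied on that machine, not that it was applied with the wrong value.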
