Revision
Under what circumstances would you recommend developing a hardware installation plan?
For the purpose of interoperability - you need to ensure that all hardware and software used is compatible with each other. Basically whenever you are upgrading or installing new hardware it is wise to do the necessary research first.
What does DHCP stand for, how does it work and when would it be used? Dynamic Host Configuration Protocol -
Dynamic Host Configuration Protocol is a way to manage network parameter assignment from a single DHCP server, or a group of DHCP servers arranged in a fault-tolerant manner. Even in small networks, Dynamic Host Configuration Protocol is useful because it can make it easy to add new machines to the local network.
DHCP is also recommended even in the case of servers whose addresses rarely change, so that if a server needs to be readdressed, changes can be made in as few places as possible. For devices such as routers and firewalls, that should not use DHCP, it can be useful to put Trivial File transfer Protocol (TFTP) or SSH servers on the same machine that runs DHCP, which also serves to centralize administration.
DHCP can be used to assign addresses directly to servers and desktop machines, and, through a Point to Point (PPP) proxy, to dialup and broadband on-demand hosts, as well as for residential Network Address Translation(NAT) gateways and routers. DHCP is generally not appropriate for infrastructure such as non-edge routers and DNS servers.
What does IIS stand for? - Internet Information Services.
Activities.
1.Use an Internet search engine to locate an IT security policy.
2. Review your network policy that you obtained in Activity 1 and answer the following questions
1. What type of policy is it (security, acceptable use, etc...)? It is an overall computer use security policy for a university.
2. Briefly describe the scope of the policy document. Below is the "pre-amble" provided on the policy overview page.
Preamble
Murdoch University acknowledges an obligation to ensure appropriate security for all Information Technology data, equipment, and processes in its domain of ownership and control. This obligation is shared, to varying degrees, by every member of the university.
This document will:
- Enumerate the elements that constitute IT security.
- Explain the need for IT security.
- Specify the various categories of IT data, equipment, and processes subject to this policy.
- Indicate, in broad terms, the IT security responsibilities of the various roles in which each member of the university may function.
- Indicate appropriate levels of security through standards and guidelines.
Scope of IT Security.
Security can be defined as "the state of being free from unacceptable risk". The risk concerns the following categories of losses:
- Confidentiality of Information.
- Integrity of data.
- Assets.
- Efficient and Appropriate Use.
- System Availability.
Confidentiality refers to the privacy of personal or corporate information . This includes issues of copyright.
Integrity refers to the accuracy of data. Loss of data integrity may be gross and evident, as when a computer disc fails, or subtle, as when a character in a file is altered.
The assets that must be protected include:
- Computer and Peripheral Equipment.
- Communications Equipment.
- Computing and Communications Premises.
- Power, Water, Environmental Control, and Communications utilities.
- Supplies and Data Storage Media.
- System Computer Programs and Documentation.
- Application Computer Programs and Documentation.
- Information.
Efficient and Appropriate Use ensures that University IT resources are used for the purposes for which they were intended, in a manner that does not interfere with the rights of others.
Availability is concerned with the full functionality of a system (e.g. finance or payroll) and its components.
The potential causes of these losses are termed "threats". These threats may be human or non-human, natural, accidental, or deliberate.3. Are there details of what will happen if the policy is not followed? If so, detail them. Yes, the university reserves the right to withdraw the availability of all computer and network usage to anyone who is deemed to be in breach of the campus security policy.
4. Are there details of when the policy is to be reviewed? If so, when?
The IT Security Policy is be a "living" document that will be altered as required to deal with changes in technology, applications, procedures, legal and social imperatives, perceived dangers, etc.
Major changes will be made in consultation with ITPC, ITMC, SEG, and Academic Council, and with the approval of the Vice-Chancellor.
Minor changes will be approved by the Business Manager of the University.
Activity 3
Using Computer Management Console
To complete this activity you need to be logged on to the server with administrator privileges
In this activity you will use the Computer Management console to view disk information about your server
1. From Administrative Tools select Computer Management
2. Click Storage, and then click Disk Management. The Disk Management window opens
3. Record the details about the hard drive(s)
Disk 0: _C 9.77G_________ __NTFS Healthy______________________________________
Disk 1: __None________ ________________________________________
4. Record the following information about your server volume(s) below:
| | Volume C: | Volume D: | | |
| Size (GB) | | | | |
| File system | | | | |
| Capacity | | | | |
| Free space | | | | |
| % Free | | | | |
Activity 4
Using Microsoft Management Console (MMC)
To complete this activity you need to be logged on to the server with administrator privileges
1. Click Start, click Run, type mmc, and then click OK
2. Click the File menu, and click Add/Remove Snap-in... The Add/Remove Snap-in dialog box opens
3. Click the Add... button and the Add Standalone Snap-in dialog box appears
4. From the list, select Disk Management (local) and click Add. Select the Local computer: radio button from the Select Computer dialog box
5. Click the Finish button
6. Repeat steps 4 and 5 to add Disk Defragmenter
7. Click the Close button
8. Click the File menu, and click Save As... Enter Disk console for the file name
9. Close the disk console window
10. Click Start, and then click All Programs
11. Click Administrative tools
12. Select Disk console.msc and drag it on to your desktop to create a shortcut
13. Double click on your shortcut to test your new console
Activity 5
Using the Active Directory Group Policy to enforce password policies
To complete this activity you need to be logged on to the server with administrative privileges
Creating the password policy
1. Logon to the server as administrator
2. Click Start, and then click All Programs
3. Click Administrative tools, and then click Active Directory Users and Computers
In the left hand pane, right click your domain and select Properties from the drop-down menu
4. The Properties dialog box for your domain will open. Select the Group Policy tab
5. Click the Edit button to edit the Default Domain Policy
6. The Group Policy Object Editor opens
7. In the left hand pane, select Computer Configuration, then select Windows Settings, then select Security settings, then select Account Policies, then select Password Policy
8. To change a setting, select the setting you want to change in the right hand pane and double click
9. Open Enforce password history. The Enforce password history Properties dialog box will open
10. Check the Define this policy setting checkbox and enter 10 in the password remembered list
11. Click the Apply button, then click OK
12. For each policy setting, set the Security Setting as shown below:
Enforce password history: 10 passwords remembered
Maximum password age: 42 days
Minimum password age: 0 days
Minimum password length: 6 characters
Password must meet complexity requirements: Enabled
Store password using reversible encryption for all users in the domain: Enabled
13. Exit the Group Policy Editor
Testing the password policy
14. Open Active Directory Users and Computers, and create a new user account
15. Enter a password that does not meet the password complexity requirements and record the message that is displayed below
Windows cannot set the password for (user). The password does not meet the password policy requirements. Check the minimum password length, password complexity & password history requirements.
16. Enter a suitable password
17. Close Active Directory Users and Computers
Afternoon session;
The afternoon was spent actually creating a small network with no internet connection. The main components are listed below:
- One server
- One-three hosts
- One hub
- One power cord for hub
- All other media connections.
Once connected it was necessary to enter an IP address for the host, which needed to be different from the server IP address (only the host section). We then "pinged" one from the other to test connectivity (ping.....IP host address in MSDOS).
Finally we attempted (successfully, I might add) to connect as one of the users that we had set up on the server as an administrator.
.
