Sunday, February 15, 2009




































































Q: What do you need to consider in order to identify what information will need to be supplied for the above user account screens?



A: This depends on the organisation’s security procedures. Some of the data will be determined by the procedures. For example, an organisation may have decided that users cannot change their own passwords. In this case, the ‘user cannot change password’ box will always be checked.



Assume that an organisation has the following security procedures:




.Username to be surname plus initial
.Initial password to be the username but users must change at next logon



.Users can change their own password




.Passwords to be changed every 30 days.




In this case, the only information (other than resource access) that the manager will need to supply is the full name of the user and any description that is required.






Q: What is the most important issue that you need to consider when developing the procedures for the Network Administrator to deal with forgotten passwords? Suggest some ways of dealing with this issue.



A: The most important issue to be dealt with is for the administrator to verify that the user requesting a replacement password is, indeed, who they say they are. There are several ways that this may be dealt with, including:

.Storing personal details about the user such as date of birth or a PIN that the user must quote

.Channelling such requests through the user’s manager in writing — a good reason to keep hard copy records of the account creation for users

.Monitoring the frequency of such requests. For example, if a hacker requests a change then the real user will not be able to log on. This user will then request a new password. Two requests in a few days could indicate a problem.

.Checking account logon attempts before changing the password. Most systems allow for an account lock-out if more than, say, three unsuccessful attempts were made to log in. These could indicate a hacker attempting access.
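
The last two checks (request frequency and failed logons before a reset) can be run against help-desk and logon records before a new password is issued. This is an added example, not part of the original post; the record layout, the sample data, the account name bfellowes and the 7-day and 24-hour windows are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the original post): help-desk reset
# requests and failed-logon events as (account, timestamp) pairs.
# "bfellowes" is an assumed logon name; only "cweller" appears on the page.
RESET_REQUESTS = [
    ("cweller", datetime(2009, 2, 9, 9, 15)),
    ("cweller", datetime(2009, 2, 11, 8, 50)),
    ("bfellowes", datetime(2009, 1, 5, 10, 0)),
    ("bfellowes", datetime(2009, 2, 12, 14, 30)),
]
FAILED_LOGONS = [
    ("bfellowes", datetime(2009, 2, 12, 13, 58)),
    ("bfellowes", datetime(2009, 2, 12, 13, 59)),
    ("bfellowes", datetime(2009, 2, 12, 14, 1)),
    ("bfellowes", datetime(2009, 2, 12, 14, 2)),
]

REPEAT_WINDOW = timedelta(days=7)    # assumed reading of "a few days"
FAILED_WINDOW = timedelta(hours=24)  # assumed look-back before a reset
FAILED_LIMIT = 3                     # "more than, say, three" attempts


def review_reset(account, requested_at,
                 resets=RESET_REQUESTS, failures=FAILED_LOGONS):
    """Return the reasons a reset request needs extra identity checks."""
    reasons = []
    # An earlier reset for the same account inside the window.
    earlier = [t for a, t in resets if a == account
               and timedelta(0) < requested_at - t <= REPEAT_WINDOW]
    if earlier:
        reasons.append("repeat request within %d days" % REPEAT_WINDOW.days)
    # Failed logons shortly before the request was made.
    recent = [t for a, t in failures if a == account
              and timedelta(0) <= requested_at - t <= FAILED_WINDOW]
    if len(recent) > FAILED_LIMIT:
        reasons.append("%d failed logons before request" % len(recent))
    return reasons


if __name__ == "__main__":
    for account, when in RESET_REQUESTS:
        print(account, when.isoformat(),
              review_reset(account, when) or "routine")
```

An empty list means the request can follow the normal procedure; any reason returned means the identity check should go through the user's manager before the password is changed.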






Q: List some of these IT security procedures you need to consider and follow.



A: Handling the user account is only part of the story. Some of the procedures that I need to consider include:




What is to happen to all the files and documents that the outgoing person created?




Prior to computers, the new person would look through the filing cabinets in the office.



Today, they need to look through the electronic files and review documents, spreadsheets, databases, etc.

Mail may have been addressed to the former employee and could be forwarded to the new person.




Does email need a similar process to be implemented or should the manager get all mail intended for someone who no longer works in the company?



Does the new user account (for the new person) immediately update all telephone lists and other directories that may be on the system?







































Q: Your task for this activity is to set up the user access for two users, using these requirements.









We want you to alter the current open access at all times for Caroline Weller, who works Monday to Friday 9:00 to 17:00, with the exception of Thursday, when she works 8:00 to 13:00. You have been asked to set her logon hours accordingly.









Additionally, Brian Fellowes, in Accounting, uses two workstations that have a Windows 98 platform: accounting1 and accounting2, and you have been asked to set his access rights to those two machines only.



























A: The following two screenshots show the logon hours for Caroline Weller (Figure 1) and the restricted workstation access for Brian Fellowes (Figure 2).












































Figure 1: Logon hours for Caroline Weller











Figure 2: Restricted workstation access for Brian Fellowes
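
The two restrictions from the task, written as data and checked in code. This is an added example, not part of the original post: the 21-byte packing assumes the account is stored in Active Directory, whose logonHours attribute holds one bit per hour of the week starting Sunday 00:00 UTC, and the function names are hypothetical.

```python
from datetime import datetime

DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]

# Caroline Weller's hours from the task: day -> (start hour, end hour).
CWELLER_HOURS = {"Mon": (9, 17), "Tue": (9, 17), "Wed": (9, 17),
                 "Thu": (8, 13), "Fri": (9, 17)}
# Brian Fellowes may log on from these two machines only.
BFELLOWES_WORKSTATIONS = {"accounting1", "accounting2"}


def build_grid(schedule):
    """Return a 7x24 grid of booleans, Sunday first, one cell per hour."""
    grid = [[False] * 24 for _ in DAYS]
    for day, (start, end) in schedule.items():
        for hour in range(start, end):
            grid[DAYS.index(day)][hour] = True
    return grid


def pack_logon_hours(grid, utc_offset_hours=0):
    """Pack the grid into 21 bytes (assumed logonHours layout).

    The attribute is stored in UTC, so local hours are shifted by the
    site's UTC offset and wrap around the 168-hour week.
    """
    bits = bytearray(21)
    for d in range(7):
        for h in range(24):
            if grid[d][h]:
                slot = (d * 24 + h - utc_offset_hours) % 168
                bits[slot // 8] |= 1 << (slot % 8)  # LSB = earliest hour
    return bytes(bits)


def logon_permitted(grid, when, workstation=None, allowed_workstations=None):
    """Check a local logon time and, optionally, the source workstation."""
    day = (when.weekday() + 1) % 7  # datetime: Monday=0; grid: Sunday=0
    if not grid[day][when.hour]:
        return False
    if allowed_workstations is not None:
        return (workstation is not None
                and workstation.lower() in allowed_workstations)
    return True


if __name__ == "__main__":
    grid = build_grid(CWELLER_HOURS)
    print(pack_logon_hours(grid).hex())
    print(logon_permitted(grid, datetime(2009, 2, 12, 13, 0)))  # Thu 13:00
```

The end hour is exclusive, so a Thursday logon at 13:00 is refused; the UTC shift matters because a site ahead of UTC has its Monday morning hours land partly in Sunday's bytes.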








































Q: Your task is to create a graphical representation of this system, e.g. think along the lines of a flow chart or process chart.










Physical drive 0 has the operating system.










The inetpub folder contains the default web page and program files, etc.

Physical drive 1 is partitioned as a primary and extended logical drive with data on each partition.





















One partition contains data for the Legal Department — for both individual user directories and shared directories for sub sections within the Legal Department.










The other partition is for the Accounting Department with directories developed in a similar manner to Legal’s.




















A: It’s often good to document the file system graphically, as well as with written specifications. Here’s an example of how this might look:









Figure 3: File system















Q: Record a security access registry entry to satisfy these details.





The security for the new Legal Department employee, Caroline Weller, was configured on 28/07/04 by David Glass, Network Administrator, with approval from Stanley Holloway, Systems Engineer.










Caroline’s logon name is cweller and her supervisor is Gavin Masters, Senior Counsel at Forth Management Associates.





Caroline can log on to the local domain and has no additional privileges.










A: An example of a security access registry record is as follows:

Example entry










User’s name: Ms Caroline Weller





Organisation department: Legal





Login name: Cweller





Group membership: Users, Legal

Immediate supervisor: Gavin Masters, Senior Counsel





Domain access: Domain local

Additional access privileges: NIL





Date of current privileges: 28/07/2004





Access configured by: David Glass, Network Administrator





Security access approved by: Stanley Holloway, Systems Engineer






























Q: Describe the features provided by the Microsoft Software Inventory Analyser.










A: Some of the features provided by the Microsoft Software Inventory Analyser are illustrated below:










.There is a wizard to help you install the software.






.You are able to select which software to scan from a list.






.You can set a preference for how to view your scan report.






.The scan summary report includes a list of how many installations of each software product have been found.






Figure 4: Installing the Analyser using a wizard
Figure 5: Defining products to scan
Figure 6: Confirming preferences for a report


























































