LAB :: Protecting Digital Evidence, Documentation, and the Chain of Custody

User Generated

nyndrry_n

Computer Science

Description

The attached lab needs to be answered.

Note: need to check it in Turnitin before delivering it.

Thanks

Unformatted Attachment Preview

Assessment Worksheet

Protecting Digital Evidence, Documentation, and the Chain of Custody

Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________

Overview

In this lab, you first used the Windows Event Viewer utility to search for failed logon attempts, which could indicate a possible intrusion by an unauthorized user. You also generated your own errors by attacking the Windows Server 2012 machine and then reviewed the Internet Information Services (IIS) logs to find those errors. Finally, you documented your findings and recommended remediation steps.

Lab Assessment Questions & Answers

1. How many failed logons were detected?
2. Specify the date/timestamp when monitoring started and when the attacks in Part 2 of the lab occurred.
3. What options are available to prevent brute force authentication attacks in a Windows-based domain?
4. What is an insider attack?
5. If the attacks for this lab were coming from an internal IP, would you allow the attack to continue to investigate further or stop the attack?
6. With the information provided in this lab, what steps would you take to prevent a reoccurrence of an external attack?
7. What is a best practice to deter insiders from even thinking about executing an attack?

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual

Explanation & Answer

Attached.

Name
Supervisor
Course
Date

1. 17 failed logins

2. 19 March @ 2002-14 May 2014 @ 1925

3.
Use complex passwords.
Block IP addresses which have a lot of failed login trials.
Implement password expiry.
Keep watch on your log file for detec...
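
The log review that the lab overview and answer 3 refer to, sketched as an added example that is not part of the original worksheet or answer: it counts HTTP 401 responses per client IP in an IIS W3C extended log and lists the addresses that reach a threshold. The log lines, IP addresses, and the threshold of 3 are constructed for illustration.

```python
from collections import Counter

# Constructed sample in IIS W3C extended log format (not data from the lab).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 8.0
#Version: 1.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2014-01-01 10:00:01 192.0.2.10 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1) 401 1 1326 15
2014-01-01 10:00:02 192.0.2.10 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1) 401 1 1326 12
2014-01-01 10:00:03 192.0.2.10 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1) 401 1 1326 14
2014-01-01 10:00:04 192.0.2.10 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0+(Windows+NT+6.1) 401 1 1326 13
2014-01-01 10:00:07 192.0.2.10 POST /login.aspx - 80 - 198.51.100.23 Mozilla/5.0+(Windows+NT+6.1) 401 1 1326 16
2014-01-01 10:00:08 192.0.2.10 POST /login.aspx - 80 alice 198.51.100.23 Mozilla/5.0+(Windows+NT+6.1) 200 0 0 31
2014-01-01 10:00:09 192.0.2.10 GET /login
"""


def failed_auth_by_ip(log_text):
    """Count HTTP 401 responses per client IP.

    Column positions come from the #Fields directive, because the set of
    logged fields is configurable per IIS site.
    """
    fields, counts = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # truncated or malformed record: skip, do not guess
        row = dict(zip(fields, parts))
        if row.get("sc-status") == "401" and "c-ip" in row:
            counts[row["c-ip"]] += 1
    return counts


def suspects(counts, threshold=3):
    """Return the client IPs with at least `threshold` failed attempts."""
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    per_ip = failed_auth_by_ip(SAMPLE_LOG)
    print(dict(per_ip), suspects(per_ip))
```
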

