NTC 324 Week 5 Lab 17-100% Correct Answer

NTC 324 Week 5 LAB 17
CONFIGURING SECURITY POLICIES 
	
THIS LAB CONTAINS THE FOLLOWING EXERCISES AND ACTIVITIES:
Exercise 17.1
Lab Challenge
Exercise 17.2
Lab Challenge 	Configuring Security Policies
Assigning User Rights                                                                                                      
Configuring Audit Policies
Viewing Auditing Data



Exercise 17.1	Configuring Security Policies
Overview
	In this exercise, you examine the default Security Policy settings for your domain and then create a GPO containing new and revised settings.
Mindset	How can you control access to your network computers using security policies? 
Completion time	15 minutes




Question 1	How can you tell which of the policies in the Security Options folder have changed settings in the Default Domain Policy GPO?
By selecting the Default Domain Policy GPO in the Group Policy Management console and clicking the Settings tab and the Show All link, the policies configured in the GPO appear with their settings.



4.	Press Alt+Prt Scr to take a screen shot showing the existing Security Options settings in the Default Domain Policy GPO. Press Ctrl+V to paste the image on the page provided in the Lab 17 worksheet file.

[ ]




Question 2	Why is it necessary for the Revised Options GPO to appear first in the list?
The Revised Options GPO must be first in the list so that its settings will take precedence over those in the Default Domain Policy GPO. If this was not the case, then the Network Security: Force logoff when logon hours expire policy would retain its original, disabled value, instead of being enabled.



Lab Challenge	Assigning User Rights
Overview
	In this exercise, you add a selection of user rights assignments to the ones that already exist.
Completion time	15 minutes

Your organization has created a new job role called the director, and your job is to provide the new directors with the domain controller user rights they need to perform their jobs. The Directors group has already been created in the adatum.com domain. To complete this challenge, you must grant the Directors group the following user rights to all the domain controllers on the network, without interfering with any of the existing rights.

•	Deny logon locally
•	Add workstations to domain
•	Force shutdown from a remote system
•	Enable computer and user accounts to be trusted for delegation
•	Manage auditing and security log
•	Shut down the system
Write out the basic steps you have to perform to accomplish the challenge and then take a screen shot showing the user rights you configured and press Ctrl+V to paste the image on the page provided in the Lab 17 worksheet file.


1.	From the Tools menu, select Group Policy Management. The GPM console appears
2.	Expand the forest container and browse to the domain. Then expand the domain container and select the Group Policy Objects folder. The GPOs that currently exist in the domain appear in the Contents tab
3.	Right-click the Default Domain Policy GPO and click Edit. A Group Policy Management Editor window for this policy appears.
4.	Browse to the Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies node and select User Rights Assignment. The user rights assignment settings appear in the right pane. 
5.	Double-click “Deny Log on locally” setting and select the Define this Policy Setting check box
6.	Click Add User or Group. In the next window, click Browse 
7.	When the next window appears, in the “Enter the object names to select” text box, type “Directors” and then click Check names
8.	Click OK, then OK, then OK. The name of the group (Adatun\Directors) appears in the Deny Log on locally” Properties page.
9.	Repeat steps 5 through 8 for the for the following 5 user rights assignments settings:
•	Add workstations to domain
•	Force shutdown from a remote system
•	Enable computer and user accounts to be trusted for delegation
•	Manage auditing and security log
•	Shut down the system



 



Exercise 17.2	Configuring Audit Policies
Overview
	In this exercise, you configure the auditing policies to monitor account logons and access to specific objects. 
Mindset                                                                                                                                                  	How can you use the auditing capabilities in Windows Server 2012 to increase the security of your network without overwhelming yourself with data?
Completion time	20 minutes


Question 3	Why, in this case, is the auditing of event failures more useful than the auditing of successes?
When auditing logon events, success is the normal result. A long string of successes indicates that everything is proceeding correctly. A string of logon failures, however, could indicate that someone is attempting to penetrate security by guessing passwords. Auditing failures is, therefore, a more critical indication of trouble.

9.	Press Alt+Prt Scr to take a screen shot showing the policies you configured. Press Ctrl+V to paste the image on the page provided in the Lab 17 worksheet file.

 


Question    4	Why is it prudent to limit the event log size when using auditing.
Some types of auditing can generate a large amount of event log data, and limiting the maximum size of the log can prevent the system from being overwhelmed.



Lab Challenge	Viewing Auditing Data
Overview
	To complete this exercise, you must demonstrate that your SVR-MBR-B computer is actually gathering the auditing data you configured its policies to gather.  
Mindset                                                                                                                                                  	How do you display auditing data?
Completion time	10 minutes

To complete this challenge, display the auditing data you configured your server to gather in Exercise 17.2. Press Alt+Prt Scr to take a screen shot showing a sample of the data you gathered. Press Ctrl+V to paste the image on the page provided in the Lab 17 worksheet file.