Textbook: Simpson, Michael T. Hands-On Ethical Hacking and Network Defense. Thomson Course Technology, 2006.
Reading:
Textbook –
Chapter 5, pp. 89–104
Chapter 6, pp. 109–133
Assignments:
Review Questions (RQ):
Chapter 5, pp. 105–107,
Chapter 6, pp. 133–136
Lab(s):
LAB 1: ENUMERATING A WINDOWS OPERATING SYSTEM
Complete Activity 6.2, Chapter 6, pp.117 from your textbook. This activity will help you examine several tools required to enumerate a Windows operating system.
To complete the activity, use the IP address of your computer rather than that of your partner’s computer. Following are the steps to find out the IP address of your computer. Perform these steps before you start the activity so that you have all the information required to complete it:
1. On the desktop, click Start.
2. Click All Programs.
3. Click Accessories.
4. Click Command Prompt.
5. Type IPCONFIG /ALL in the Command Prompt window.
6. Note the current IP address and host name of your computer. The host name is the same
as your computer name.
For this activity, you will also need to share files and folders. If you are running Windows XP with service pack 2, you need to enable file and print sharing to share your files. You can do this with the Windows XP Network Setup Wizard. To enable file and print sharing, you need to perform the following steps:
1. Click Start on the desktop.
2. Click All Programs.
3. Click Communications.
4. Click Windows XP Network Setup Wizard.
5. Complete the steps for enabling file and print sharing in this wizard.
6. Restart your computer. Ensure that you save all relevant work before restarting your computer.
After you complete Activity 6.2, answer the following questions:
1. What information can you obtain by using the Net View command on your PC?
2. What information can you obtain by using these tools on a corporate network?
3. What are the risks involved in file sharing?
Evaluation Criteria:
1. Did the students describe the shares observed on their computers?
2. Did the students observe that they could look at or use others’ shares on the same network?
3. Did the students describe the risks of file sharing?
4. Did the students describe the use of file sharing networks such as Kazaa or Morpheus?
Deliverables and format: Assignment due in class.
Submit a Microsoft Word document in not more than 150 words.
Font: Arial; 11 Line Spacing: Double
Case Assignment 1 (CA1)
Title: Windows Server 2003 Server Roles and Audit Events
Introduction:
Servers in an enterprise or organizational setting, in general, play a defined role. This role is based on the needs of the organization. Often, these needs conflict with the most effective methodology for securing these esources. A web server must be open to port 80 traffic if it is to serve public Web pages. This assignment helps identify the functional role of these resources and how to track potentially intrusive events.
This assignment has two parts:
Part A
In Table 3.1, describe the server roles and the functions that each type of server performs.
Audit account logon events
Table 3.1 Windows Server 2003 Server Roles
To be emailed to students
Part B
Using Table 3.2, write a paragraph on any four audit security settings and why Microsoft recommended that setting, based on the category of the illustrated server role:
Legacy Client—LC , Enterprise Client—EC, or Specialized Security-Limited Functionality—SS
Table 3.2: Audit Events Recommended By Microsoft
To be emailed to students
Evaluation Criteria:
• Did student fill in chart with all nine role/function information?
• Is the provided description sufficient for 100%, 50%, or 0 % credit for each server role?
• Did the student provide the following for each of the audit category
1 Description of the event
2 Opinion on why Microsoft recommended a particular setting
Deliverables and format: Assignment due at the beginning of the next class.
Submit your answer in a Microsoft Word document in not more than 500 words.
Font: Arial; 11
Line Spacing: Double
Submit each assignment type as a separate attachment (CA1, LABs, RQ)
Refer to General Course Information for Email and Assignment Instructions.
Instructor: Mr. Beard
