Your team’s analysis of the policy matrix will allow team members to create an overview of the methods used to provide a Security Baseline Report of the organization and the need for evolving summit communications.
Your team’s baseline analysis should also include an evaluation of network forensics information such as traffic analysis and intrusion analysis, as well as the type of information needed for any future forensics investigations. The team’s evaluation of information needs for network forensics could include what is needed to support security software and hardware across multiple platforms, multiple applications, and multiple architectures to communicate with the other nations. All teams will do this by using security baseline tools to build an audit file and then scan their systems. The systems should be hardened based on the policies, procedures, and standards to ensure desired levels of enterprise-wide information assurance requirements developed by the Global Economic Summit.
In the Security Baseline Report, which also includes the Attribution Report, Network Security Checklist, and the System Security Risk and Vulnerabilities Report, your team will use scanning and auditing functions to determine the baseline security posture of your nation team system and those of the other nation teams.
As you perform your baseline, address the following tasks:
Define the components you are searching for in this baseline determination and what you would do in light of possible disasters.
Include the systems-level diagram of how your nation team is configured, which can be obtained from your lab documentation.
How would you recover information assets, and how would you ensure integrity of data if such a situation were to take place?
What are the steps to producing the scan and audit report? What are the communication ports to be used or closed during operation during the Global Economic Summit?
How will you maintain a baseline of registers and images of data? How would you ensure integrity of these components over time?
What are different ways to implement security controls to a system after the security posture has been defined, in order to meet the policy requirements?
What are the missing security configurations or security updates, if any? Report on how these should be addressed to fortify the security posture of the nation system.
In your scanning, can you determine if there are missing security updates on target computers based on your access? If so, what were they, and what tool did you use for this scan? Is there security from/to the IP network to/from the PSTN caller? You will be given decryption information, and then you will determine what are the data types in transit. Identify if these are image files, or document files, and anything else.
Your team will provide all artifacts from the baseline scanning exercise and refer to them in the security baseline analysis report.
Additionally, you should assess (compare) security issues during the scans and provide issues created by social engineering. You should cover the following testing while implementing network infrastructure contingency and recovery plans in your comparison:
damage assessments
types of vulnerabilities and associated attacks
distributed computing model
information assurance (IA) principles
digital certificates
digital signatures (significance of public-key infrastructure)
These will be provided in the Security Baseline Report. Remember to discuss your findings with your team members while you take part in the lab.
Complete This Lab
Resources
Accessing the Virtual Lab Environment: Navigating UMGC Virtual Labs and Lab Setup
Self-Help Guide (Workspace): Getting Started and Troubleshooting
Link to the Virtual Lab Environment: https://vdi.umgc.edu/
Lab Instructions
Security Baseline Lab Exercise
Getting Help
To obtain lab assistance, fill out the support request form.
Make sure you fill out the fields on the form as shown below:
Case Type: UMGC Virtual Labs Support
Customer Type: Student (Note: faculty should choose Staff/Faculty.)
SubType: ELM Cyber (CBR/CST/DFC/CYB)
SubType Detail: Pick the category that best fits the issue you are experiencing.
Email: Type the email that you currently use for classroom communications.
In the form’s description box, provide information about the issue. Add screenshots or supporting documents, and include details such as steps you took and system responses.
Take screenshots of your completed exercises. Then, compile your screenshots into a single document to include in your Security Baseline Report.
Requirements:
Security Baseline Scanning
General Instructions
To complete this lab exercise, you will be required to keep notes of all steps that you take. Your notes should include screenshots, descriptive explanations, and labels for each screenshot where applicable. The notes should also include copies of any scan results, results of any outputs created by using the benchmark tools in this exercise, as well as copies of any referenced reports not specifically referenced in these instructions.
After completing this lab exercise, you are expected to:
• Provide a description and copy of the proposed hardening approach you would take to address the vulnerabilities found during your Nessus scan.
• Incorporate answers to any questions set forth in this lab in your final Security Baseline Report.
The Goal of the Lab: The Need for Nations’ Security Baseline
Based on the Global Summit, you will need to work with other nation teams to build a system security baseline. Generally, all nations need to define a security baseline. You will use OpenSCAP Workbench to build a custom baseline. The SCAP tools are used for modifying industry benchmark characteristics. In this lab, you will use OpenSCAP Workbench to customize a National Institute of Standards and Technology (NIST)-provided Configuration Baseline (the .xml file) in Part 1. Normally, your computer system would be hardened after building the baseline. However, you will not need to harden the computer system in this exercise.
As part of the activities in this lab, you will keep a copy of the following in your notes for inclusion in your final project report deliverables:
• a copy of the benchmark configuration file you created in this exercise
You will also describe and document an effective approach for hardening the computer system that will be included in your notes and final project report.
Lab Reference Resources
Review the following to reinforce your understanding of the key concepts in this lab:
• Refer to the OpenSCAP Portal website for official documentation, user manuals, FAQs, webcast slides, online videos, and online presentations.
• Use tools such as the UMGC library, Google search engine, YouTube, and others for external resources such as videos, peer review articles, white papers, trade magazines, and online documentation.
• Be mindful of digital rights infringement and cite sources to credit authors where appropriate to support your work.
Getting Started
In order to get started on this lab, you must first access the Virtual Labs environment using the instructions provided in the UMGC Virtual Lab document (Navigating the Workspace and the Lab Setup) in the classroom. The link to this document is found in the “Complete This Lab” box in the project step where the link to these lab instructions is located and labeled. Launch the Lab Broker application as instructed in the above document to connect to the lab VMs.
Note:
(a) After Lab Broker is launched, you will see a list of modules reflecting your course names. If you are accessing the lab for the first time, after expanding the list of nodes available for your course (CYB670), you will notice that the Connect and Start buttons are grayed out and only the Allocate Lab button is clickable.
(b) If necessary, refer to the lab setup document described above for additional details.
1. Enter the following credentials to connect to the WINATK01 VM when prompted:
Username: StudentFirst
Password: Cyb3rl@b
2. Once successfully connected, you will be taken to the desktop of the WINATK01 VM.
3. Double-click the Lab Resources shortcut located on the desktop of the VM to open the folder.
4. Once in the Lab Resources folder, double-click on the Resources shortcut/bookmark to take you to the CYB 670 Project Resources.
5. On the CYB 670 Project Resources page, right-click the NIST-provided Configuration Baseline (scap_gov.nist_USGCB-Windows-7.xml) and select Save link as to download the file to the VM.
Note: Notice that the NIST .xml file (scap_gov.nist_USGCB-Windows-7.xml) is currently a Windows 7 version, which should work for the purpose of this exercise.
6. Click Save link as to save the file to your Downloads folder.
7. Windows Explorer will open, defaulting to the Downloads folder of the WINATK01 VM. Click Save to save the file to the Downloads folder.
Note: Close the Project Resources page to continue.
Part 1: Customizing a Configuration Baseline Using OpenSCAP Workbench
OpenSCAP comes preloaded with SCAP content for many versions of Linux and Windows operating systems. The tool can also be used to scan these operating systems for vulnerabilities using industry standard baseline configuration files. The purpose of this tool in this exercise is to give you the means of customizing a standard baseline obtained from NIST. As a cybersecurity professional, you may be required to develop a custom baseline for your organization. The best way to do this is by using industry-accepted benchmarks and tailoring those to meet security compliance requirements for your organization. The following are steps to customize security benchmarks for a Windows 7 system obtained from NIST.
Steps:
1. Go to the Applications folder within the Lab Resources folder to launch the SCAP Workbench application from the shortcut provided. After the application launches, the SCAP content selection window will open.
2. Click the “Select content to load” drop-down menu and select Other SCAP Content. Then click Load Content to launch Windows Explorer to allow you to select the baseline file that you will customize.
3. Navigate to the Downloads folder and select the scap_gov.nist_USGCB-Windows-7.xml file to load it for editing in OpenSCAP. Click Open to continue.
4. After loading the SCAP content, the following window with the Rules section will pop up.
Note: Familiarize yourself with the interface, especially the list of rules as highlighted.
5. Click the Customize button to start the customization process of the NIST benchmark. A Customized Profile window will open.
a) Note the name of the New Profile ID since you will change it to reflect the name of your organization.
b) Change the word customized at the end of the New Profile ID to OrgName, where OrgName reflects the name of your organization.
c) Ensure that you change OrgName to your organization’s name.
6. Click OK to apply the change. A window will appear, showing the updated ID reflecting the name of your organization. Pay attention to the list of the customizable configuration baseline items on the left as highlighted in the second screenshot below.
If you are unable to see the full window, follow the numbers 1 to 3 in the next screenshot and then adjust sizes as needed.
7. Now, modify the Account Lockout Policy Settings and Password Policy Settings as indicated below.
Under the Account Lockout Policy Settings, select Reset Account Lockout After and change its settings from the default 900 seconds (15 minutes) to 1800 seconds (30 minutes) as shown.
You may try other options by selecting the other policy settings depending on your organization’s security requirements.
8. After the customization, click OK to apply the updated settings.
Notice that even though the profile has been customized, the changes have not yet been saved as indicated by Unsaved changes in the Customization box in the screenshot below.
9. Before saving the file, create a Customized Windows 7 Baseline folder on the desktop of the WINATK01 VM.
10. It is now time to save the file. Go to the File menu and select Save All to save the file to the Customized Windows 7 Baseline folder on the desktop of the VM.
After successfully saving the file, you will notice that there are two files in the folder: one is the original scap_gov.nist_USGCB-Windows-7.xml file, and the other is the associated customization file, tailoring-xccdf.xml.
11. Move a copy of the customized Windows 7 Baseline to Workspace to be included with your project deliverables by using the instructions: Moving Files Between Lab VM and Workspace VM.
Congratulations. You have now reached the end of the lab. Close all applications and exit the virtual lab, and make sure that you compile your findings in your lab report for submission.
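The two files saved at the end of Part 1 can be checked against each other before they go into the deliverables. The following is an added example, not part of the lab materials: it lists every value override in a tailoring file next to the benchmark default. It assumes the customization is recorded as XCCDF set-value elements inside a Profile; the embedded XML and all ids in it are constructed stand-ins, and elements are matched by local name so the XCCDF namespace version does not matter.

```python
import xml.etree.ElementTree as ET

# Constructed stand-ins for the two files saved in the lab. All ids are
# hypothetical; real ones come from scap_gov.nist_USGCB-Windows-7.xml.
BENCHMARK = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="sample_benchmark">
  <Value id="reset_account_lockout_var" type="number">
    <title>Reset Account Lockout After</title><value>900</value>
  </Value>
  <Value id="minimum_password_length_var" type="number">
    <title>Minimum Password Length</title><value>12</value>
  </Value>
</Benchmark>"""

TAILORING = """<Tailoring xmlns="http://checklists.nist.gov/xccdf/1.2" id="sample_tailoring">
  <Profile id="sample_profile_OrgName" extends="sample_profile">
    <set-value idref="reset_account_lockout_var">1800</set-value>
    <set-value idref="minimum_password_length_var">12</set-value>
    <set-value idref="not_in_benchmark_var">1</set-value>
  </Profile>
</Tailoring>"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def benchmark_defaults(xml_text):
    """Map each Value id to (title, default value) from the benchmark."""
    defaults = {}
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "Value":
            continue
        title = next((c.text for c in el if local(c.tag) == "title"), el.get("id"))
        # The default is the <value> child that carries no selector attribute.
        default = next((c.text for c in el
                        if local(c.tag) == "value" and not c.get("selector")), None)
        defaults[el.get("id")] = (title, default)
    return defaults

def tailoring_changes(benchmark_xml, tailoring_xml):
    """List (profile, setting, default, tailored, status) for every set-value."""
    defaults = benchmark_defaults(benchmark_xml)
    report = []
    for profile in ET.fromstring(tailoring_xml).iter():
        if local(profile.tag) != "Profile":
            continue
        for sv in profile:
            if local(sv.tag) != "set-value":
                continue
            idref, new = sv.get("idref"), (sv.text or "").strip()
            if idref not in defaults:  # override points at nothing in the benchmark
                report.append((profile.get("id"), idref, None, new, "unknown-id"))
                continue
            title, old = defaults[idref]
            status = "unchanged" if new == (old or "").strip() else "changed"
            report.append((profile.get("id"), title, old, new, status))
    return report

if __name__ == "__main__":
    print(*tailoring_changes(BENCHMARK, TAILORING), sep="\n")
```

To run it on the lab output, read the two saved files into strings and pass them in place of the constructed samples.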
Navigating UMGC Virtual Labs and Lab Setup
Getting Started
First Time Accessing UMGC Virtual Lab Environment
You can access your virtual lab environment, your student Workspace, by navigating to this portal, https://vdi.umgc.edu. The UMGC Virtual Lab environment is accessible using any major browser such as Google Chrome, Mozilla Firefox, Internet Explorer, Microsoft Edge, and Safari. Your lab environment and applications have already been configured based on the course(s) in which you are currently enrolled.
Home View
The portal is made up of three views, the Home, Apps, and Desktops views. Upon accessing your virtual lab environment, you will be presented with the Home view by default. On this view, you will see groups of applications made available to you based on your course, lab work, and other productivity needs. These groups of applications (i.e., Cyber Programs, Data Analytics Program, Microsoft Office, and Productivity) will be presented in a carousel as depicted below.
Desktops View
The Desktops view will provide you access to a full virtual desktop. Some classes will require access to a full virtual desktop to complete the course exercises. Upon clicking the Desktops icon to access this view, you will be presented the virtual desktops available to you based on your course(s).
To open a virtual desktop, you just need to click the intended virtual desktop. This will open in another tab within your browser to access the virtual desktop as shown below.
Apps View
On the portal, you will also be able to access the Apps view. This view will show you all applications that you have access to for your course(s), lab work, and other productivity needs. You can open these applications from this view by simply clicking on their icons. The application will open a new tab within a browser where it will be ready for use. From this view, you can also bookmark an app to be accessible from your Home view by marking it as a Favorite. This is done by clicking to select (turn yellow) the star on the top left corner of the Apps button.
The UMGC Lab Broker
What is the UMGC Lab Broker?
Located in the virtual lab environment (your Workspace), the UMGC Lab Broker is an application that allows you to access the lab virtual machines (VMs) needed for your course(s).
Opening Lab Broker
Under the Apps view of the portal, you will see the icon for Lab Broker. You may open this application by clicking on its icon, and it will open in a new tab in your browser. Once the application is open, it will display your course(s) name(s) and provide you access to the lab resources for your course(s).
Using Lab Broker to Access the Lab VMs
Once you open Lab Broker, you will see a new window open. Each of your courses that contain labs will be listed in the interface.
If you are accessing the lab for the first time, after expanding the list of nodes available for your course, you’ll notice that the “Connect” and “Start” buttons are grayed out, and only the “Allocate Lab” button is clickable. Click on “Allocate Lab” to activate the nodes.
Within each course block (e.g., CST 610), you will see the machines needed for your labs. Follow your lab instructions regarding which machines to access for each lab assignment. To connect to an individual lab machine, simply click the “Connect” icon.
Clicking the Destroy button allows you to delete the existing nodes within that course and the option to reallocate new machines.
Credentials to Access the Lab VMs
• User ID: StudentFirst
• Password: Cyb3rl@b
Buttons and Their Uses
• If you’re accessing the lab for the first time, you will need to request that lab machines be set aside for your use. Clicking this button provides those resources to you.
• Clicking this button starts allocated lab machines.
• Using this option will destroy your currently allocated lab resources.
• Once your machines are available and running, the connect option will become available. Clicking this will link you to the new lab machine. **
• Use this button to start an individual lab machine. Once the machine is started and running, the connect option will become available.
• The icon next to the IP address lets you copy the IP address and paste it in applications or tools used to connect to that node.
**Note: The first time you attempt to connect to a Windows machine and a Linux machine, you will receive a pop-up notification (External Protocol Request) that will ask you to approve Lab Broker to open your lab machines. For convenience, it is recommended that you select “Remember my choice for all links of this type.” Next, click “Launch Application” to proceed to the lab environment.