Network Detective
Prepared For: ABC Corp
Prepared By: Roger G. Best


Agenda
- Environment
- Risk and Issue Score
- Issue Review
- Next Steps

Environment - Overview
Domain
  Domain Controllers: 1
  Number of Organizational Units: 13
Users
  # Enabled: 33
    Last Login within 30 days: 13
    Last Login older than 30 days: 20
  # Disabled: 15
    Last Login within 30 days: 1
    Last Login older than 30 days: 14
Security Group
  Groups with Users: 70
  # Total Groups: 123
Computers in Domain
  Total Computers: 40
  Last Login within 30 days: 9
  Last Login older than 30 days: 31

Environment - Patching

Risk and Issue Score
Panels: Current Risk Score, Current Issue Score, Prior Risk Score, Prior Issue Score

Issue Review: Unsupported Operating Systems (97 pts)
Issue: 22 computers were found using an operating system that is no longer supported. Unsupported operating systems no longer receive vital security patches and present an inherent risk.
Recommendation: Upgrade or replace computers with operating systems that are no longer supported.

Issue Review: User has not logged in in 30 days (13 pts)
Issue: User accounts that have not logged in in 30 days could belong to a former employee or vendor and should be disabled or removed.
Recommendation: Disable or remove user accounts for users that have not logged in in 30 days.

Issue Review: User password set to never expire (80 pts)
Issue: User accounts with passwords set to never expire present a risk of use by unauthorized users. They are more easily compromised than passwords that are routinely changed.
Recommendation: Investigate all accounts with passwords set to never expire and configure them to expire regularly.

Issue Review: Anti-virus not installed (94 pts)
Issue: Anti-virus software was not detected on some computers. Without adequate anti-virus and anti-spyware protection on all workstations and servers, the risk of acquiring malicious software is significant.
Recommendation: To prevent both security and productivity issues, we strongly recommend ensuring anti-virus is deployed to all possible endpoints.

Issue Review: Anti-virus not turned on (92 pts)
Issue: We were unable to determine whether anti-virus software is enabled and running on some computers.
Recommendation: Determine if anti-virus is enabled properly.

Issue Review: Anti-spyware not installed (94 pts)
Issue: Anti-spyware software was not detected on some computers. Without adequate anti-virus and anti-spyware protection on all workstations and servers, the risk of acquiring malicious software is significant.
Recommendation: To prevent both security and productivity issues, we strongly recommend ensuring anti-spyware is deployed to all possible endpoints.

Issue Review: Anti-spyware not turned on (92 pts)
Issue: We were unable to determine whether anti-spyware software is enabled and running on some computers.
Recommendation: Determine if anti-spyware is enabled properly.

Issue Review: Inactive Computers (15 pts)
Issue: 39 computers were found that have not checked in during the past 30 days.
Recommendation: Investigate the list of inactive computers and determine if they should be removed from Active Directory, rejoined to the network, or powered on.

Issue Review: Lack of Redundant Domain Controller (85 pts)
Issue: Only one Domain Controller was found on the network. There is a heightened risk of business downtime, loss of data, or service outage due to a lack of redundancy.
Recommendation: Evaluate the risk, cost, and benefits of implementing a redundant Domain Controller.

Issue Review: Unpopulated Organizational Units (10 pts)
Issue: Empty Organizational Units (OUs) were found in Active Directory. They may not be needed and should be removed to prevent misconfiguration.
Recommendation: Remove or populate empty Organizational Units.

Issue Review: Operating System in Extended Support (20 pts)
Issue: 24 computers were found using an operating system that is in extended support. Extended support is a warning period before an operating system is no longer supported by the manufacturer and will no longer receive support or patches.
Recommendation: Upgrade computers that have operating systems in Extended Support before end of life.

Next Steps
- Agree on List of Issues to Resolve
- Present Project Estimates and Costs
- Establish Timelines
- Set Milestones
- Get Signoff to Begin Work