3
LAB #3 – ASSESSMENT WORKSHEET Enable Windows Active Directory and User Access Controls Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview This lab provided students with the hands-on skills needed to create a new Active Directory domain in Windows Server 2003 and demonstrated how to configure a centralized authentication and policy definition for access controls. The Active Directory users and workstation plug-ins were used to create users, groups, and configure role-based access permissions and controls on objects and folders in a Windows Server 2003 Active Directory system. Lab Assessment Questions & Answers 1. What are the three fundamental elements of an effective access control solution for information systems? 2. What two access controls can be set up for Windows Server 2003 folders and authentication? 3. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured? What type of access control would best describe this access control situation? 50 LAB #3 | Enable Windows Active Directory and User Access Controls

Enable Windows Active Directory and User Access …d2jw81rkebrcvk.cloudfront.net/assets.navigate/issa/Intro_to_ISS/... · Enable Windows Active Directory and User Access Controls

Embed Size (px)

Citation preview

Page 1: Enable Windows Active Directory and User Access …d2jw81rkebrcvk.cloudfront.net/assets.navigate/issa/Intro_to_ISS/... · Enable Windows Active Directory and User Access Controls

LAB #3 – ASSESSMENT WORKSHEET

Enable Windows Active Directory and User Access Controls

Course Name and Number:

Student Name:

Instructor Name:

Lab Due Date:

OverviewThis lab provided students with the hands-on skills needed to create a new Active Directory domain in Windows Server 2003 and demonstrated how to confi gure a centralized authentication and policy defi nition for access controls. The Active Directory users and workstation plug-ins were used to create users, groups, and confi gure role-based access permissions and controls on objects and folders in a Windows Server 2003 Active Directory system.

Lab Assessment Questions & Answers

1. What are the three fundamental elements of an effective access control solution for information systems?

2. What two access controls can be set up for Windows Server 2003 folders and authentication?

3. If you can browse a fi le on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably confi gured? What type of access control would best describe this access control situation?

50 LAB #3 | Enable Windows Active Directory and User Access Controls

38351_LMxx_Lab03.indd 5038351_LMxx_Lab03.indd 50 8/1/12 2:57 PM8/1/12 2:57 PM

Page 2: Enable Windows Active Directory and User Access …d2jw81rkebrcvk.cloudfront.net/assets.navigate/issa/Intro_to_ISS/... · Enable Windows Active Directory and User Access Controls

Enable Window

s Active D

irect ory and U

ser Access Controls

4. What is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access?

5. What is two-factor authentication, and why is it an effective access control technique?

6. Relate how Windows Server 2008 R2 Active Directory and the confi guration of access controls achieve CIA for departmental LANs, departmental folders, and data.

7. Is it a good practice to include the account or user name in the password? Why or why not?

8. Can a user who is defi ned in the Active Directory access a shared drive if that user is not part of the domain?

3

Assessment Worksheet 51

38351_LMxx_Lab03.indd 5138351_LMxx_Lab03.indd 51 8/1/12 2:57 PM8/1/12 2:57 PM

Page 3: Enable Windows Active Directory and User Access …d2jw81rkebrcvk.cloudfront.net/assets.navigate/issa/Intro_to_ISS/... · Enable Windows Active Directory and User Access Controls

9. Does Windows Server 2003 require a user’s logon/password credentials prior to accessing shared drives?

10. When granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented to maximize CIA of production systems and data?

52 LAB #3 | Enable Windows Active Directory and User Access Controls

38351_LMxx_Lab03.indd 5238351_LMxx_Lab03.indd 52 8/1/12 2:57 PM8/1/12 2:57 PM