Computers and Technology
Submitted By flippride11
Week 2 lab and assessment.
1. What are the three fundamental elements of an effective security program for information systems? Identification, Authentication and Authorization
2. Of these three fundamental controls, which two are used by the Domain User Admin to create users and assign rights to resources? Authentication and access control
3. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured? List folder contents and Security Policy control
4. What is the mechanism on a Windows server where you can administer granular policies and permissions on a Windows network using role-based access? Group Policy Editor
5. What is two-factor authentication, and why is it an effective access control technique? Two factor uses two of the three characteristics in authentication types.
6. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. Creates security principals in the active directory domain partition
7. Is it a good practice to include the account or user name in the password? Why or why not? It is not because it will be easier for a hacker to decode your password
8. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain? Non domain machines cannot access shared folders
9. When granting access to LAN systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend be implemented to maximize CIA of production systems and data? You need to establish a limited account for access to only what they need, make them sign user and non-disclosed agreements…...