Implementing Access Controls with Windows Active Directory
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
In this lab, you used the Active Directory Domain Controller to secure the C-I-A triad, ensuring confidentiality and integrity of network data. You created users and global security groups and assigned the new users to security groups. You followed a given set of access control criteria to ensure authentication on the remote server by applying the new security groups to a set of nested folders. Finally, you verified that authentication by using the new user accounts to access the secured folders on the remote server.
Lab Assessment Questions & Answers
1. Relate how Windows Server 2012 Active Directory and the configuration of access controls achieve C-I-A for departmental LANs, departmental folders, and data. 2. Is it a good practice to include the account or user name in the password? Why or why not?
No because it makes it easier to crack the pass code
3. What are some of the best practices to enhance the strength of user passwords in order to maximize confidentiality?
Require a minimum length on the password to make it hard to crack the password,
Require the user to change it every 90 days or 6 months. Don't use dictionary words,
Use a mix of upper and lower case letters, numbers and special characters.
Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
Student Lab Manual
4. Can a user who is defined in Active Directory access a shared drive on a computer if the server with the shared drive is not part of the domain?
No they can't access it.
5. Does Windows Server 2012 R2 require a user’s logon/password credentials prior to accessing shared drives?
Yes they do require a login and password.
6. When granting access to network systems for guests (i.e., auditors, consultants, third-party individuals, etc.), what security controls do you recommend implementing to maximize CIA of production systems and data?
Use local self-signed certificates that expire when the guest is due to leave, Use ACL's, and disable use and cd drives to protect data from being copied.
7. In the Access Controls Criteria table, what sharing changes were made…