Question

In: Computer Science

At the end of the lab, you will be asked to respond to the following in...

At the end of the lab, you will be asked to respond to the following in a 2- to 2.5-page response at the end of your Microsoft Word document:

Explain the types of information that can be stored in an Active Directory user record.

Address the following in your response:

  • What are some of the additional tabs that are available in the Active Directory Users and Computers "Advanced Features" mode?
  • What are some of the specific challenges and risks associated with accountmanagement in a large infrastructure?
  • How can inadequate access controls or access management leave critical information vulnerable?
  • What protections does encryption offer and how important is key management tokeeping any encryption system secured?
  • Considera cloud-hosted Infrastructure as a Service (IaaS) environment with many users accessing these systems from all over the world. What advantages or challenges might there be managing these identities and associated keys?

Finally, conclude this week's assignment with a page explaining how the tools and processes demonstrated in the lab might be used by an infrastructure administrator to help secure an environment.

Submit your assignment.

Solutions

Expert Solution

Explain the types of information that can be stored in an Active Directory user record.

Ans: Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. However, Active Directory became an umbrella title for a broad range of directory-based identity-related services.

Active Directory Domain Services (AD DS) is the cornerstone of every Windows domain network. It stores information about members of the domain, including devices and users, verifies their credentials and defines their access rights. The server running this service is called a domain controller. A domain controller is contacted when a user logs into a device, accesses another device across the network, or runs a line-of-business Metro-style app sideloaded into a device.

It has the ability to record different types of information about different objects. Active directory trend towards relying on standard protocols which stores in an activity directory user record.

Some of the informations that can be stored in Active directory are:

1. Organization personal informations

2. Sites

3. Computers

4.Users

5. Shares

6. Information or data about any other network object.

What are some of the additional tabs that are available in the Active Directory Users and Computers "Advanced Features" mode?

Ans:

Many administrators are familiar with Additional Account Info tab since there have been AD domains based on Windows Server 2003. It is to be reminded that the Additional Account Info tab to appear in the User Properties of Active Directory Users and Computers (ADUC) console, you had to download Windows 2003 Resource Kit and register a special library Acctinfo.dll .

After that if you open the properties window of any AD user, you can see a new tab containing different information useful for a domain administrator, like:

  • Password Last Set – time when a user password has been changed
  • Password Expires – a period of time when the password expires
  • User Account Control / Locked – the account status (enabled, disabled, locked, etc.)
  • Last logon (logoff) – the time of the last logon (logoff) of the user on the domain controller
  • Information on the counters of failed/successful logons
  • SID, GUID information and SID History

So, to add Acctinfo.dll to the Active Directory Users and Computers in the x64 version of Windows (Windows 7, Windows 8, Windows Server 2008 R2, Windows Server 2012 / R2), you have to:

  • Download the Account Lockout and Management Tools from Microsoft website (the archive as of 8/22/2012, contains the self-extracting archive ALTools.exe with the size of 850 KB) and unpack it.
  • Copy the library file acctinfo.dll to C:\Windows\SysWOW64 directory
  • Start a command prompt as an administrator and register the library in the system:
    1
    
    regsvr32 C:\Windows\SysWOW64\acctinfo.dll

  • Create a shortcut for Active Directory Users and Computer (dsa.msc) snap-in, and specify in the shortcut properties that you want to run the console in the 32-bit mode:
    1
    
    C:\Windows\System32\dsa.msc -32
  • Open ADUC console with this shortcut and enable the display of the advanced features (View->Advanced Features)
  • Left open the properties of any domain user and make sure that the new Additional Account Info tab has appeared.
  • You can expand the features of this tab by integrating a separate Account Lockout Status button into it, which allows to start LockoutStatus.exe (Microsoft Account Lockout Status) directly from the ADUC console. This utility can analyze the logs of the AD domain controllers and determine which domain controller has locked the account

What are some of the specific challenges and risks associated with accountmanagement in a large infrastructure?

Ans:

1.There is an inherent conflict between the aspiration of data to limit the number of records and volatility of potential future.

2.It is important to maintain flexibility to respond to unforeseen changes over the life cycle of a project when there is larger infrastructure.

3.It requires an end-to-end risk-management view, as opposed, individualized process-step responsibility when the capacity of data is vulnerable.

4.The mitigation capabilities causes risks with account management in a large infrastructure

How can inadequate access controls or access management leave critical information vulnerable?

Ans:

1.If there is no proper access management,there will be problem in loosing security of which data is viewed by whom.

2.It is important to access and maintain employees only to access their job or function.

3.There is no urgency to remove access at any time before checking data concurrency.

4.Major problem with incorrect access management is audits and compliance issues.

What protections does encryption offer and how important is key management tokeeping any encryption system secured?

Ans:

1.Private key and public key gives protection which improves complexity, and in particular this means dealing with encryption keys.

2.It Encouraged organisations to encrypt their data more and more,removable media such as tapes and mobile devices like laptops.

3.checking the protection of ensure the central key repository.

4.It provides a public key to encrypt data and a private key to decrypt data.

Considera cloud-hosted Infrastructure as a Service (IaaS) environment with many users accessing these systems from all over the world. What advantages or challenges might there be managing these identities and associated keys?

Ans:

1.Insufficient iteration between client and contractor's top team is the challange in managing associated keys

2.Proactive risk activation is a major advantage in cloud-hosted Infrastructure as a Service (IaaS) environment with many users accessing these systems.

3.On site visual management and onsite change handling can be done in cloud hosted Iaas.

4.Consistency over management approval of multiple adjustments.

Finally, conclude this week's assignment with a page explaining how the tools and processes demonstrated in the lab might be used by an infrastructure administrator to help secure an environment

Ans:

1.Industry experts and security professionals,responsible for software security are using this infrastructure administrator to help secure an environment.

2.These tools are used in Measuring Security in the economics of insecure software.

3.This brings deeper understanding of the vulnerabilities to the security reasons.

4.Helps in economics and security for the study of academic researchers.

5.It helps in perform various levels of testing.

6.It helps in to understand the scope of security,develops mindset.

7.Helps in the understanding of right tools to specifically disallowed use case.

8.Use Source Code When Available during a black box engagement.

9.Brings the testing techniques to understand more.

10.Document of test results can be formed using this tool.

Note: This information is about 3-4 pages, if you have any queries, feel free to comment

And if my answer suffice to the requirements, kindly upvote.

Happy Learning


Related Solutions

At the end of the lab, you will be asked to respond to the following in...
At the end of the lab, you will be asked to respond to the following in a 2- to 2.5-page response at the end of your Microsoft Word document: Describe what information was contained in the logs and what value they might have in a security investigation. Address the following in your response: Think about the challenges of getting all the Active Directory audit policy settings right. For an infrastructure administrator, how important are these types of settings? What are...
Linfei Ltd. has a 31 December year-end, and a tax rate of 25%. Management has asked you to respond to the following situations:
Linfei Ltd. has a 31 December year-end, and a tax rate of 25%. Management has asked you to respond to the following situations:1. The company has always used the FIFO method of determining inventory costs; starting in 2017, it will now use average cost. Opening and closing inventories for 2017 under FIFO are $540,000 and $671,100, respectively. Opening and closing inventories under average cost are $427,200 and $529,000, respectively.Provide the journal entry to record the change. (If no entry is...
Each week, you will be asked to respond to the prompt or prompts in the discussion...
Each week, you will be asked to respond to the prompt or prompts in the discussion forum. Your initial post should be 75-150 words in length, and is due on Sunday. By Tuesday, you should respond to two additional posts from your peers. Discussion A It is very helpful to use the new words you are learning in the context they will be used. It helps you relate the MTs to the meaning. Each week you will practice using the...
PART 2 Each week, you will be asked to respond to the prompt or prompts in...
PART 2 Each week, you will be asked to respond to the prompt or prompts in the discussion forum. Your initial post should be 75-150 words in length, and is due on Sunday. By Tuesday, you should respond to two additional posts from your peers. Discussion B: I have found that learning is increased when students practice going in both directions; formal to informal, and informal to formal. The primary focus is the Pathophysiology in this discussion. Anatomy and Physiology...
Respond to the following in a minimum of 175 words: Imagine that you’ve been asked to...
Respond to the following in a minimum of 175 words: Imagine that you’ve been asked to explain 1 of the major accounting ratios to a group of high school students who have no background in business or accounting but are eager to learn. Using the term Current Ratio describe how you would explain it in your own words, using a specific example.
In a lab you are asked to pipette 130 microL using a pipette with a range...
In a lab you are asked to pipette 130 microL using a pipette with a range of 20-200 microL. This pipette has recently been calibrated so is functioning correctly. You correctly move the dial of the pipette to 130 microL. On your first attempt to dispense 130 microL, you realise that the volume expelled was only 105 microL. On the second occasion it was 170 microL. Give explanations to what operator errors could have led to these outcomes?
You are an experienced, certified nurse working in an endoscopy lab. You have been asked to...
You are an experienced, certified nurse working in an endoscopy lab. You have been asked to prepare a presentation for staff education days at your facility. Select a digestive disorder for this discussion and, if necessary, research the clinical manifestations of the disorder. Describe the alterations in digestive functioning associated with the disorder you have chosen. Be sure to present it in a format that is appropriate for the type of presentation you are giving and to the audience you...
The following questions are asked by students after a unit on mean, median, and mode. Respond...
The following questions are asked by students after a unit on mean, median, and mode. Respond as if you were responding to your student. Use correct grammar, spelling and punctuation and be thorough in your responses. 1) A student asks , " Can a median number be a decimal? " How do you respond. Use the definition of median in your answer. 2) A student asks, " If the mean income of 10 people is $10,000 and one person gets...
. On your first day working in a biochemistry research lab, you are asked to prepare...
. On your first day working in a biochemistry research lab, you are asked to prepare 500 mL of a 0.15 M sodium phosphate buffer solution at pH 6.5. Your lab contains stock solutions of H3PO4, NaH2PO4, Na2HPO4, and Na3PO4, each at 0.5 M, as well as plenty of double-distilled water.(a). (6 points) What do you mix and in what amounts in order to prepare the desired buffer?
PROBABILITY QUESTION Assume that, as a clinic worker, you are asked to conduct lab tests for...
PROBABILITY QUESTION Assume that, as a clinic worker, you are asked to conduct lab tests for diagnosis of a disease. From ex- periments, it is known that any person in the population is either has the disease (positive), or has not (negative), i.e. there is no carrier. Over the entire population of people only 0.005 have this disease and the lab test returns a correct positive result in only 97% of the cases in which the disease is actually present...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT