Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging.

Description

Project Part 3: System Hardening and Auditing

Scenario

Fullsoft’s chief technology officer (CTO) established a plan to mitigate risks, threats, and vulnerabilities. As part of the

mitigation plan, you and your team members will configure baseline security controls on all workstations (harden the

systems), which run either Windows 10 or OS X (Apple). For this effort, you will ensure that the antivirus software is

running properly and implement a control related to password-hacking attempts.

In addition, Fullsoft’s CTO has asked your team to pay special consideration to continuously monitoring, testing, and

improving countermeasures. The CTO points out that within the first 24 hours of configuring baseline security, you may

sometimes receive alerts that malware has been quarantined within an antivirus program or notice a failed logon attempt

captured by the Windows audit log. In response, you make a note to check the security of the workstation for which you

will configure baseline security.

The CTO also requests a report on the work you performed, part of which will be incorporated into the company’s IT

security policy procedures. The report should also include the purposes of system hardening and auditing, and an

additional area of concern or emerging trend related to information systems security that’s relevant to Fullsoft.

At the end of the report, include a brief statement that explains how your work on this project relates to the larger

responsibility you have for supporting the company’s success regarding IT security. Your statement will be considered a

part of your upcoming performance review.

Tasks

If possible, complete the hardening and auditing tasks using a personal computer with the default installation of either

Windows 10 or OS X (Apple). If you do not own the necessary hardware and software, consult with me (your

instructor) about alternatives. After your work on this project is complete, you may need to return the settings to the

previous configuration.

1. Ensure that you are logged in as an administrator. Using a computer that has Windows 10 or OS X (Apple)

installed:

a. Review the antivirus program. Ensure that it is up to date, is configured for automatic updates, and is

scheduled to run quick scans regularly. Note when the last full system scan was run and any issues

you observe with the software.

b. Configure audit logging to identify all failed password attempts into the system.

2. After at least 24 hours, check the Windows workstation for security events. Be sure to review the audit log in

Windows Event Viewer.

3. Write a report in which you:

a. Explain how you ensured the antivirus program is up to date, scheduled to run regular quick scans,

and when the last full system scan was run. Describe anything significant you observed.

b. Explain how you configured audit logging to record all failed password attempts into the system.

c. Describe all the potentially problematic security events that occurred in the 24-hour period after

checking the antivirus software and configuring audit logging.

d. Explain what was done (or should be done) to correct any problems encountered.

e. Explain the purposes of system hardening and auditing in terms of the company’s goal of maintaining

information systems security. Also describe an additional area of concern or an emerging trend related

to information systems security that you think warrants the company’s attention in the immediate

future.

f. Briefly explain how your work on this project relates to your responsibility to help the company

achieve its IT security goals.

Required Resources

• Textbook for this course

• Either Windows 10 or OS X (Apple) computer, preferably with a default installation

• Internet access

Additional Resources

Additional Order Description Attached

The post Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging. appeared first on Essay Quoll.

Reference no: EM132069492

WhatsApp
Hello! Need help with your assignments? We are here

GRAB 25% OFF YOUR ORDERS TODAY

X