Project Part 3: System Hardening and Auditing

Scenario

Fullsoft’s chief technology officer (CTO) established a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security controls on all workstations (harden the systems), which run either Windows 7 or Windows 10. For this effort, you will ensure that the antivirus software is running properly and implement a control related to password-hacking attempts.In addition, Fullsoft’s CTO has asked your team to pay special consideration to continuously monitoring, testing, and improving countermeasures. The CTO points out that within the first 24 hours of configuring baseline security, you may sometimes receive alerts that malware has been quarantined within an antivirus program or notice a failed logon attempt captured by the Windows audit log. In response, you make a note to check the security of the workstation for which you will configure baseline security.The CTO also requests a report on the work you performed, part of which will be incorporated into the company’s IT security policy procedures. The report should also include the purposes of system hardening and auditing, and an additional area of concern or emerging trend related to information systems security that’s relevant to Fullsoft.At the end of the report, include a brief statement that explains how your work on this project relates to the larger responsibility you have for supporting the company’s success regarding IT security. Your statement will be considered a part of your upcoming performance review.

Tasks

If possible, complete the hardening and auditing tasks using a personal computer with the default installation of Windows 7 or Windows 10. If you do not own the necessary hardware and software, consult with your instructor about alternatives. After your work on this project is complete, you may need to return the settings to the previous configuration.

1. Ensure that you are logged in as an administrator. Using a computer that has Windows 7 or Windows 10 installed:
   1. Review the antivirus program. Ensure that it is up to date, is configured for automatic updates, and is scheduled to run quick scans regularly. Note when the last full system scan was run and any issues you observe with the software.
   2. Configure audit logging to identify all failed password attempts into the system.
2. After at least 24 hours, check the Windows workstation for security events. Be sure to review the audit log in Windows Event Viewer.
3. Write a report in which you:
   • Explain how you ensured the antivirus program is up to date, scheduled to run regular quick scans, and when the last full system scan was run. Describe anything significant you observed.
   • Explain how you configured audit logging to record all failed password attempts into the system.
   • Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging.

Project: Information Systems Security
Explain what was done (or should be done) to correct any problems encountered.
Explain the purposes of system hardening and auditing in terms of the company’s goal of maintaining information systems security. Also describe an additional area of concern or an emerging trend related to information systems security that you think warrants the company’s attention in the immediate future. Discuss some relevant hardening guidance Fullsoft could implement.
Briefly explain how your work on this project relates to your responsibility to help the company achieve its IT security goals.

Required Resources

• Textbook for this course
• A Windows 7 or Windows 7 computer, preferably with a default installation
• Internet access

Additional Resources

• Audit logon events
• How to See Who Logged Into a Computer and When
• Event Logs
• Using Event Viewer to Troubleshoot Problems

Submission Requirements

• Format: Microsoft Word or compatible
• Font: APA Format
• Citation Style: APA Format
• Submit in the Group Project Part 3 Assignment
• Name the document Group-project-part-3
• Length: 5–6 pages plus citation page
• Include relevant screenshots

You are encouraged to respond creatively, but you must cite credible sources to support your work.

Self-Assessment Checklist

• I summarized the system-hardening and auditing configuration steps I implemented on a computer using Windows 7 or Windows 10, including:
  • How I ensured the antivirus software is running properly
  • How I configured audit logging of all failed password attempts
• I described potentially problematic security events that occurred within a 24-hour period, and noted actions that were taken (or should be taken) to address them.
• I explained the purposes of system hardening and auditing in terms of the company’s overarching goal of maintaining information systems security.
• I proposed at least one area of concern or emerging trend related to information systems security that warrants additional attention.
• I explained how my work on this project relates to my professional responsibility to help the company achieve its IT security goals.
• I conducted adequate independent research for this part of the project.
• I followed the submission guidelines.

in the files below.

1. Using the CITM-504 Progress Report Template, provide your instructor with information on your progress toward completing the capstone project. The template asks the following questions:
2. Provide a brief overview of your capstone project work.
   1. Provide a quick overview of your capstone project work.
   2. What work is completed (bulleted format)?
   3. Provide a short description of the work in progress.
3. Using the template form (the date automatically updates), submit the report using the assignment submission page. Please provide your name in the text box.

Please refer to the 3.3 Progress Report and 3.4 Paper Outline (Attached) and compile it further. 

 In this Assignment, you will use Python and create the numpy portion of the exercise with the information provided. The second half of the exercise is to run the Python Pandas code and record the findings from each step.
 

Please introduce yourself to the class. Be sure to indicate your name, where you are from and what you are studying in Graduate School.

Take a moment, and please introduce yourself. Tell us something about yourself, particularly about your life outside the classroom and what you expect to achieve in this class. 

Network managment project

In a short paragraph, explain your main idea (such as cybersecurity, network errors, website accessibility, etc.) and why it is of interest to you.

Under the paragraph, provide a bulleted list of at least four focused, open-ended research questions that are related to this topic. Again, the unit Reading should provide some guidance.

• Write your initial post in your own words; do not quote or copy from sources.
• Do not copy the discussion question into your post.
• Write an original descriptive subject line for your initial post.
• Write with formal, professional language.
• Work to meet all posting guidelines and expectations.

 Explain in your own words why businesses must have an Internet and IoT marketing strategy 

Part 1: Type 5 Cisco Password Hashes

To keep your routers, firewalls, and switches secure, they need good passwords. Type 5 Cisco password hashes employ a technique called salting. Discuss password hashes and salting and discuss password cracking tools or websites that can be used to crack Cisco password hashes. Some of the most popular Linux tools are John the Ripper and Hashcat, which are both already included with the Kali Linux distribution. The Windows tool Cain can also crack Cisco passwords. Use the as is choice and the default wordlist that comes with Cain on the password hashes below. You may elect to crack some of them and explain how you did it for part of this discussion:

$1$mERr$TMFGl3gjZgTURz2zWGujv1

$1$mERr$j2lBkUQmIwqeeIUhzEMH/1

$1$mERr$UeZ8mb786UhNnpZquiKwc0

Part 2: Type 7 Cisco Password Hashes

The Cisco type 7 password is not much better than putting the password in clear text, which is the default if you do not type the command service password-encryption. Discuss password hashes and discuss password cracking tools or websites that can be used to crack Cisco type 7 password hashes. Here is a list of some Cisco password hashes. You may elect to crack some of them and explain how you did it for part of this discussion.

11280B061F1B583342

532E26010C082B070B6F02

46152908515041

09611E590A565451

023057495B085E226D6E

062B3D0D1C4A0E4A44

 Do you believe Artificial Intelligence or Machine Learning is the future of cybersecurity? Explain why or why not