Lab 4 Managing Custom Security Baselines Computer Science Homework Help

Lab #4: Managing Custom Security Baselines

Purpose: Develop systems administration procedures to manage custom security baselines using the Microsoft Security Compliance Manager (SCM).

Objectives

1.  Install a security configuration tool (SCM) for use under Windows 8.1.

2.  Create custom baselines for Windows 8.1 security policy settings using Microsoft provided templates and the SCM tool.

3.  Manage custom baselines for Windows 8.1 security policy settings using the SCM tool.

Overview

In this lab, our focus is upon developing a set of security policy baselines which can be incorporated into an organization’s security program. These policy baselines will be based upon best practices and recommendations from Microsoft for the Windows 8.1 operating system. Microsoft provides a number of tools which can be used to create, manage, and apply security policy baselines to configure workstations and servers. The Security Compliance Manager (SCM) tool is used to create and manage security policy baselines. The Group Policy Management tool is used to apply security policy baselines to domains and to individual workstations.

For this lab, you will only create and manage security policy baselines since, for security reasons, students are not allowed to use the Group Policy Management tool to change the security policies which apply to a VM running in the VDA environment.

Deliverables

(a)  Step-by-Step System Administration Procedure for Installing SCM

(b)  Step-by-Step System Administration Procedure for Managing Security Baselines using SCM

(c)  Step-by-Step System Administration Procedure for Managing Custom Baselines & Settings using SCM

Submit your deliverables in a SINGLE FILE in MS Word format (.docx or .doc file types) using the corresponding assignment folder entry (in LEO). (Use the Deliverable Template file from Course Resources > Sample Files > CSIA 310 Lab Deliverable Template.docx.) Every deliverable must use the format shown below. (Replace [Section Name] with the heading for the section, e.g. Installing SCM.)

Title:

Operating Environment:

1. Hardware

2. Software

Description:

Notes, Warnings, & Restrictions:

Resources (Further Reading):

1. 

2. 

3. 

Procedures:

[Section Name]

Brief Introduction Paragraph

1. 

2. 

3. 

[Section Name]

Brief Introduction Paragraph

1. 

2. 

3. 

Instructions

PART (A): INSTALLING MICROSOFT’S SCM TOOL

1.  Investigate the installation of the Security Compliance Manager (SCM) tool.

a.  SCM is a single user tool which must be installed in the user profile for each user who will be managing security baselines. Each user instance will be given a unique copy of the security baseline templates and the baseline database.

b.  Non-persistent VMs: you will need to install SCM each time you login to the VDA to work on this lab since student VMs are not persistent (changes made to the virtual machine are not saved).

2.  Identify appropriate sources of information (e.g. Security Compliance Manager Help, Microsoft Technet, etc.) for instructions installing the tool and its templates. Using those sources, research the procedures required to perform the following tasks:

a.  Install SCM into a user’s profile

b.  Place a short-cut (icon) for SCM on the user’s desktop

c.  Download and install supporting components for SCM (i.e. Microsoft SQL Express)

d.  Download security baseline templates for SCM (initial)

e.  Download new or updated security baseline templates for SCM (post-install)

f.  Deinstall (remove) SCM from a Windows 8.1 system (note the warnings about using an Administrator account)

3.  Develop a systems administration procedure which can be used to perform tasks listed in item #2.

4.  Test your draft procedures using the virtual machine provided in the online lab environment (UMUC’s VDA) or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

PART (B): MANAGING SECURITY BASELINES USING SCM

1.  Investigate the use of SCM to create (duplicate), review, export and import security policy baselines using the SCM tool.

2.  Identify appropriate sources of information (e.g. SCM Help, Microsoft Technet, etc.) for instructions for performing management tasks for security policy baselines. (Make sure that you review the “Customize Knowledge” topic and sub-topics in the SCM help.) Using those sources, research the procedures required to perform the following tasks:

a.  Create a custom baseline (duplicate an existing baseline)

b.  Lock a custom baseline (required before the custom baseline can be duplicated)

c.  Remove a custom baseline from the SCM tool’s database

d.  Export a baseline to an Excel spreadsheet  and then review it using Excel

e.  Export a baseline from SCM to a GPO Backup

f.  Import a baseline into SCM from a GPO Backup

3.  Develop a systems administration procedure which can be used to perform tasks listed in item #2. Use one of the Windows 8.1 Baselines as your example.

4.  Test your draft procedures using the virtual machine provided in the online lab environment (UMUC’s VDA) or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

PART (C): MANAGING CUSTOM BASELINES AND SETTINGS USING SCM

1.  Investigate the use of custom baselines in the SCM tool. You should examine individual settings within a baseline and view the expanded information available for each setting.

2.  Identify appropriate sources of information (e.g. SCM Help, Microsoft Technet, etc.) for instructions for editing and customizing a security policy baseline. Using those sources, research the procedures required to perform the following tasks:

a.  Expand & Collapse the View for a setting’s expanded entry in the baseline

b.  Add, change, & delete settings in a custom baseline

c.  Add and Delete a group of settings

d.  Move settings from one group to another

e.  Edit & Review properties for a group of settings

3.  Develop a systems administration procedure which can be used to perform tasks listed in item #2. Use one of the Windows 8.1 Baselines as your example.

4.  Test your draft procedures using the virtual machine provided in the online lab environment (UMUC’s VDA) or using a locally installed Virtual Machine (VM) running Microsoft Windows 8.1 Professional. As you run your tests, collect screen snapshots to illustrate key steps in your procedures.

FINALIZE YOUR PROCEDURES DOCUMENTS

1.  Using the grading rubric as a guide, refine your step-by-step procedures. Your final products should be suitable for inclusion in an organization’s Systems Administrator’s Handbook. Remember that you are preparing multiple system administration procedures.

2.  As appropriate, cite your sources using footnotes or another appropriate citation style.

3.  Use the resources section to provide information about recommended readings and any sources that you cite. Use a standard bibliographic format (you may wish to use APA since this is required in other CSIA courses). Information about sources and recommended readings, including in-text citations, should be formatted consistently and professionally.

4.  At a minimum, each systems administration procedure document must include the following sections: 

a.  Title

b.  Operating Environment

c.  Description

d.  Notes, Warnings, & Restrictions

e.  Resources (format as Bibliography or Reference list)

f.  Procedures

5.  Each procedure document should be placed in a separate file (see deliverables list above). Each file should start with a title page which lists the following information:

· Lab Title and Number

· Procedure Name

· Date

· Your Name

6.  Use a page break to separate the title page from the procedure.

Additional Requirements for this Lab

1.  Your step-by-step procedures should tell the reader where to find and how to launch the SCM tool.

2.  It is not necessary to specify every step that a system administrator must take to install and use SCM. But, you must address each major step separately and include enough detail that your reader will understand how to perform all required steps for the tasks listed in the lab.

3.  Use screen snapshots to cue the reader to important steps or provide information required to complete check points for proper completion of a step or set of steps (e.g. including a snapshot which shows the “after” state for a group of security settings).

4.  Make sure that your snapshots will enhance the reader’s understanding of the procedure and required configuration changes. Too many snapshots or illustrations can make a procedure difficult to use.

5.  All snapshots must be created by you for this lab using screen captures showing how you personally performed (tested) the systems administration procedure as written by you. You may not copy and paste images from help pages, manuals, or the Internet.

6.  Images (screen snapshots) should be cropped and sized appropriately.

7.  A screen snapshot belonging to a specific procedure step does not require a caption.

8.  Your procedures must be submitted to Turn It In for originality checking. You are encouraged to consult existing configuration instructions, guidance, and procedures for both content and format. Your work must be substantially your own, however, which means you should paraphrase whenever possible. Credit the sources of information used via footnotes and in your “Resources” section.

9.  Make sure that the sources you cite or recommend (additional reading) are authoritative and are the best ones available.

10.  Your Operating Environment section should identify the hardware, operating system, and/or software applications to which the procedure applies. For this lab, your procedures will apply to:

a.  Hardware: Laptop or Desktop Computers

b.  Operating System: Windows 8.1 Professional

11.  The Notes, Warnings, & Restrictions section should include important information that is not found elsewhere in the procedures document.  This section should also include important information about harm or risk that could occur if the procedure is not correctly followed or implemented. If there are no such warnings then this section should so state.

#2.System Administration Procedures Manual

Purpose: Consolidate systems administration procedures written for Labs 1, 2, 3, and 4 into a System Administration Procedures manual.

Objectives

1.  Develop a System Administration Manual using procedures written during the four labs in this course.

2.  Professionally edit and format a business document containing cybersecurity direction and guidance.

3.  Revise and correct procedures using feedback from the course instructor.

Overview

For this assignment, you will prepare a professionally formatted manual containing the system administration procedures written by you as part of the four labs in this course. Your manual will contain a title page, table of contents, preface, three groups of procedures, and a reference list (Bibliography is optional).

As you build your manual, you should revise the individual system administration procedures using feedback provided to you by your instructor. Note: you will not have instructor feedback for the lab 4 procedures since these are due at the same time as the manual.

Deliverable

Submit your system administration manual in MS Word format (.docx or .doc file types) using the corresponding assignment folder entry (in LEO).  You must also submit the file containing your manual to TurnItIn for originality checking.

Instructions

1.  Using the grading rubrics and other feedback from your instructor, refine your step-by-step procedures.

2.  Download and review the template file (Course Resources > System Administration Manual Template). You may use this template file or design your own manual.

3.  Complete the following sections in your Manual

a.  Title Page

b.  Table of Contents

c.  Preface (this is an introduction to the manual – who it is for and how they will use it)

d.  Section 1: Technical System Administration Procedures (paste in the procedures from lab 1 and lab 2)

e.  Section 2: Procedures for User & Group Policy Administration (paste in the procedures from lab 3)

f.  Section 3: Procedures for Security Configuration Baseline Management (paste in the procedures from lab 4)

g.  Bibliography (optional – remove if not used)

h.  References (provide a consolidated list which includes the references used in the individual procedures)

4.  Each procedure document must begin at the top of a new page in your manual. Use a page break to separate each procedure from the next procedure (page breaks are already in the template file).

5.  Adjust the section heading formatting and paragraph formatting so that your document has a neat and professional appearance.

6.  Update the Table of Contents before you save your file.

7.  Submit your file to TurnItIn for Originality Checking.

8.  Submit your file as an attachment to the LEO Assignment Folder entry for this assignment.

Notes

1.  If you did not complete a lab earlier in the course, you should take this opportunity to write the missing procedures and include them in your manual.

2.  Work completed for this assignment will only count towards your grade for this assignment and must meet the requirements of this assignment. The grades previously assigned for your work for each lab assignment will not be revised or adjusted.

3.  Captions are not required for images included inside the step-by-step procedures.

4.  Your instructor will be checking the TurnItIn report to verify that your manual is primarily your own original work and that the procedures themselves were not copied wholesale from other sources. It is expected that the overall match score will be higher than usually allowed due to the repetitive nature of step-by-step procedures and the use of standard phrasing that TurnItIn’s filters do not exclude. Matches to common phrases will not count against the student.