Part 1: 10 points
Learning Objectives and Outcomes
Analyze a mixed-version Microsoft Windows environment and identify the issues described in Microsoft Security Advisories.
You are reviewing the security status for a small Microsoft workgroup LAN. The workgroup contains many distinct separations in the network as determined by group memberships. The network consists of computers working on a variety of client platforms, such as Windows XP, Windows Vista, and Windows 7, and server products in a single environment. An example of the network divisions is as follows:
Windows laptops: Traveling salespeople, remote suppliers, branch offices
Windows desktops: Accounting group, developer group, customer service group
Windows servers: Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server
Microsoft Common Vulnerability and Exposures (CVEs) are addressed through security advisories with a corresponding advisory ID. Other CVE sources attach a CVE ID to advisories. Go through the archive of Microsoft Security Advisories at http://technet.microsoft.com/en-us/security/advisoryarchive
Answer the following questions based on the advisories for the past 12 months:
1. What vulnerabilities exist for the workgroup LAN listed above based on the advisories? List five of them. Explain what could happen to the LAN for each.
2. Do any vulnerabilities involve privilege elevation? Why would this be considered a high-priority issue?
3. Identify and document 2 vulnerabilities you found interesting in terms of your computer use at home or work. How could your work or home computer be affected?
Part 2: 10 points
1. Login at www.jblcourses.com
2. View the Lab 2: Lab Video
3. Open the Lab 2: Lab Manual to view the instructions for the lab.
4. Open the Lab 2: Assessment Worksheet Assignment. USE THIS DOCUMENT TO RECORD YOUR LAB ANSWERS.
5. Launch the Lab 2: Virtual Lab.
6. Complete the steps found in the Lab Manual.