Kamis, 28 Oktober 2010

chapter 8

Lab 8.4.2



Part 1 : Configuring access policies

Step 1 : Build The Network and Configure The Hosts

c. Host-A : IP address : 192.168.2.1
                  Subnet Mask : 255.255.255.0
                  Default Gateway : 192.168.2.2
   Host-B(DMZ Server) : IP address : 192.168.189.202
                                       Subnet Mask : 255.255.255.0
                                       Default Gateway : 192.168.189.1
   External Server : IP address : 192.168.10.1
                            Subnet Mask : 255.255.255.0
                            Default Gateway : 192.168.10.2

Step 2 : Log in to the user interface

c. Tipe koneksi internet nya : wireless internet connection.

d. Default router (internal) : IP address : 192.168.1.1
                                         Subnet mask : 255.255.255.0

f. Default router (external) : IP address : 192.168.2.1
                                          Subnet mask : 255.255.255.0

Step 3 :  View Multi Function device Firewall settings

b. Status SPI firewall protection : enabled.

c. Internet filter yang digunakan : filter anonymous internet request, filter IDENT (port 113). 

d. Keuntungan memfilter IDENT Provide :  mencegah penyusup dari luar menyerang router melalui internet.
    

Step 4 : Set up Internet Access Restrictions based on IP Address 

d. Ya.

e. Tidak.

f. Menggunakan proxy.

Step 5 : Set up an Internet Access Policy based on Application

c. 

f. Ya.

g. Tidak.


Part 2 : Configuring a DMZ on the multi-function device


Step 1 : Set up simple DMZ


c. Karena DMZ berguna untuk menambahkan lapisan keamanan untuk LAN.


e. Ya.


f. Ya.


g. Tidak.


Step 2 : Set up a host with single port forwarding


d. Ya.


e. Tidak.

Lab 8.4.3


Step 1 : Download and install MBSA


b. MBSA versi 2.2


c. Fitur MBSA : 
         -Command-line and Graphical User Interface (GUI) options
         - Scan local computer, remote computer, or groups of computer
         -Scan against Microsoft's maintained list of updates (on Microsoft.com) or local server running Software Update Services 1.0
         - Scan for common security configuration vulnerabilitie
         - Scan for missing security updates
         - View reports in MBSA Graphical User Interface or Command Line Interface
         - Compatibility with SMS 2.0 and 2003 Software Update Services Feature Pack
         - Support for single processor and multiprocessor configurations
         - Localized to English, French, German, and Japanese although MBSA 1.2.1 can scan a machine of any local


f. Antara 1.5 MB - 1.7 MB


Step 2 : Build the network and configure the hosts


c. IP address : 192.168.1.1
    Subnet mask : 255.255.255.0


Step 3 : Run MBSA on a Host


a. Options yang muncul :
    - Welcome
    - Pick a computer to scan
    - Pick multiple computer to scan
    - Pick a security report to view
    - Help
    - About
    - Microsoft Security Web Site


Step 4 : Select a computer to scan


b. 2 cara spesifik untuk men-scan komputer : 
    - Scan using assign Update Services servers only
    - Scan using Microsoft Update only


Step 5 : View Security Update scan Results


a. 


b.


Step 6 : View Windows Scan Results in the Security Report


a. Local Account Password Test, Automatic Update, Guest Account, File system.


b. 


Step 7 : View Desktop Application Scan Results in the security report


a. Macro security


b. 4


c. Tidak.


Step 8 : Scan a server, if avaible


Step 10 : Refelction


a.  Tools :
        - Client versions of Windows, including Windows 
        - Windows Server, including Windows Server 2008
        - SQL Server
        - Internet Information Server (IIS)
        - Internet Explorer 
        - Microsoft Office

b. SQL server

c. Step 8.

Tidak ada komentar:

Posting Komentar