CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [282]
This lab requires a workstation running openSUSE and KDE.
If you are not using Internet Protocol version 6 (IPv6) in your network, support for it can be disabled on the workstation. To turn off IPv6 in openSUSE, follow these steps:
1. Click the launcher on the desktop and choose Applications.
2. Choose System.
3. Choose Administrator Settings. This choice starts YaST2.
4. Choose Network Devices.
5. Choose Network Settings. The Network Settings dialog box appears and defaults to the Overview tab. Click the Global Options tab.
6. Beneath IPv6 Protocol Settings, uncheck the Enable IPv6 box.
7. A warning appears that tells you that a reboot is needed to apply this change. Click OK.
8. Click Finish.
9. Exit YaST2.
10. Reboot the workstation.
Lab B.36: Turn On Folder Encryption with cipher
This lab requires a Windows XP workstation.
Folders can be encrypted from the command line in Windows XP using the cipher command.
Earlier versions of cipher allowed you to work with individual files as well as folders. Starting with Windows XP, cipher now works at the folder level only.
To use cipher to turn on folder encryption, follow these steps:
1. Choose Start Run.
2. Type cmd and press Enter. This action opens a command window.
3. Type cipher /e directory, where directory is replaced by the name of a directory/ folder on your system. Press Enter.
4. A message appears that the directory is now encrypted. To see the status of the directory, type cipher directory. A message appears stating that all new files added to this directory will be encrypted.
5. Create a file within that directory (creating a file is easily accomplished by typing echo hello > test.txt, which creates a text file with only the word hello in it).
6. Within that directory, type cipher. In the list of files that appears, you’ll see a U to the left of all files that were initially there and an E to the left of the newly created file, which indicates that it is encrypted.
7. Type exit to close the command window.
Lab B.37: Change the Minimum Password Age
This lab requires a Windows XP workstation.
Security Templates can give you access to system settings and allow you to make policy changes. The Minimum Password Age setting defines how long a user must have a password before they can change it. The default is usually 2 days, but there can be little reason for a user needing to change their password every 2 days. This exercise walks you through the steps of changing the minimum password age to 10 days:
You must be logged in as a member of the Administrators group (or as Administrator) to be able to make this change.
1. Choose Start Run.
2. Type mmc and press Enter. This action opens a console window.
3. Choose File and then Add/Remove Snap-In. Beneath Add/Remove Snap-In, click Add, and a list of available add-ins appears.
4. Choose Security Templates and click Add.
5. Click Close.
6. Click OK.
7. Expand Security Templates.
8. Expand hisecws (high security workstation).
9. Click Password Policy and the available policies/settings appear on the right.
10. Double-click Minimum Password Age and change the 2 to 10.
11. Click OK.
12. Click File and then Save.
13. Close the console. A prompt appears that asks if you want to save your change to the hisecws.inf file. Click Yes.
Lab B.38: Compare Your System to a Security Template
This lab requires a Windows XP workstation.
After you finish Lab B.37, you can compare the security settings actually employed on your system against those you specified.
You must be logged in as a member of the Administrators group (or as Administrator) to be able to make this change.
To do so, follow these steps:
1. Choose Start Run.
2. Type mmc and press Enter. This command opens a console window.
3. Choose File and then Add/Remove Snap-In. Beneath Add/Remove Snap-In, click Add, and a list of available add-ins appears.
4. Choose Security Configuration and Analysis and click Add.
5. Click Close.
6. Click OK.
7. Right-click Security Configuration