Kamis, 28 Oktober 2010

Chapter 8

Lab 8.4.2


Part 1 : Configuring access policies

Step 1 : Build The Network and Configure The Hosts

c. Host-A : IP address : 192.168.2.1
                  Subnet Mask : 255.255.255.0
                  Default Gateway : 192.168.2.2
   Host-B(DMZ Server) : IP address : 192.168.189.202
                                   Subnet Mask : 255.255.255.0
                                   Default Gateway : 192.168.189.1
   External Server : IP address : 192.168.10.1
                            Subnet Mask : 255.255.255.0
                            Default Gateway : 192.168.10.2

Step 2 : Log in to the user interface

c. Tipe koneksi internet nya : wireless internet connection.
d. Default router (internal) : IP address : 192.168.1.1
                                         Subnet mask : 255.255.255.0
f. Default router (external) : IP address : 192.168.2.1
                                          Subnet mask : 255.255.255.0

Step 3 :  View Multi Function device Firewall settings

b. Status SPI firewall protection : enabled.
c. Internet filter yang digunakan : filter anonymous internet request, filter IDENT (port 113). 
d. Keuntungan memfilter IDENT Provide :  mencegah penyusup dari luar menyerang router melalui internet.
    
Step 4 : Set up Internet Access Restrictions based on IP Address 

d. Ya.
e. Tidak.
f. Menggunakan proxy.

Step 5 : Set up an Internet Access Policy based on Application

c. 
f. Ya.
g. Tidak.


Part 2 : Configuring a DMZ on the multi-function device

Step 1 : Set up simple DMZ
c. Karena DMZ berguna untuk menambahkan lapisan keamanan untuk LAN.
e. Ya.
f. Ya.
g. Tidak.

Step 2 : Set up a host with single port forwarding

d. Ya.
e. Tidak.

Lab 8.4.3

Step 1 : Download and install MBSA
b. MBSA versi 2.2
c. Fitur MBSA :
         -Command-line and Graphical User Interface (GUI) options
         - Scan local computer, remote computer, or groups of computer
         -Scan against Microsoft's maintained list of updates (on Microsoft.com) or local server running Software Update Services 1.0
         - Scan for common security configuration vulnerabilitie
         - Scan for missing security updates
         - View reports in MBSA Graphical User Interface or Command Line Interface
         - Compatibility with SMS 2.0 and 2003 Software Update Services Feature Pack
         - Support for single processor and multiprocessor configurations
         - Localized to English, French, German, and Japanese although MBSA 1.2.1 can scan a machine of any local

f. Antara 1.5 MB - 1.7 MB


Step 2 : Build the network and configure the hosts

c. IP address : 192.168.1.1
    Subnet mask : 255.255.255.0


Step 3 : Run MBSA on a Host

a. Options yang muncul :
    - Welcome
    - Pick a computer to scan
    - Pick multiple computer to scan
    - Pick a security report to view
    - Help
    - About
    - Microsoft Security Web Site


Step 4 : Select a computer to scan

b. 2 cara spesifik untuk men-scan komputer : 
    - Scan using assign Update Services servers only
    - Scan using Microsoft Update only


Step 5 : View Security Update scan Results
a. 
b.


Step 6 : View Windows Scan Results in the Security Report

a. Local Account Password Test, Automatic Update, Guest Account, File system.

b. 


Step 7 : View Desktop Application Scan Results in the security report

a. Macro security

b. 4

c. Tidak.


Step 8 : Scan a server, if avaible


Step 10 : Refelction

a.  Tools :
        - Client versions of Windows, including Windows
        - Windows Server, including Windows Server 2008
        - SQL Server
        - Internet Information Server (IIS)
        - Internet Explorer
        - Microsoft Office

b. SQL server

c. Step 8.

Tidak ada komentar:

Posting Komentar